Andrew E. Bruno

The `resetpw` and `verify-email` commands replace the `newacct` email. Is there some specific functionality you're looking for that these commands don't currently do?

@mmorgotti Great idea. I'll add it as a feature request. Thanks for the feedback

Sending tokens via SMS would be an interesting feature. No current plans to implement this but will give it some thought. The new version of mokey allows for user sign...

@pqvindesland Not sure how this would be related to the `require_verify_email` setting. This seems like it's strictly an apache proxy issue? We don't use apache but FWIW, here's what we...

@varesa Thanks for reporting this. In the next upcoming version of mokey this will be configurable. Hoping to have the next version out soon.

@pqvindesland These will be configurable in the next release of mokey. Hoping to have that out soon.

@zem I believe this issue is in regards to creating recovery codes in the event a user lost their OTP token (changes device etc.). Currently this requires admin intervention.

@Jonathan-Caruana Agreed. Adding a description to the otp tokens is coming in the next release.

> Is the logout flow missing in mokey? Or am I misunderstanding the OpenID logout flow? Yes, this logout flow is not implemented in mokey. Currently, the logout just revokes...

Agreed, we should probably update this. The reason for using sha1 was that it seems to be the [default in FreeIPA](https://pagure.io/freeipa/blob/master/f/ipaserver/plugins/otptoken.py#_231) and in our testing it was supported by most...