Cornelius Kölbel

Requesting a certificate from privacyIDEA *after* the user successfully authenticated with PIN and OTP is actually also something that Microsoft suggested for a OTP credential provider, which should receive a...

I think we can close this issue. Enrolling a certificate can be done with ``/token/init?type=certificate`` after a successful ``/validate/check``. But we can discuss certificate handling internally.

Hm, looking at this again I am wondering, what we want to achieve. After a successful auth request or validate/check we can enroll a certificate with an event handler. But...

Basically this can be done today. We might want to see this in the context of certificates and smartcards.

If we enroll a certificate in the token handler, we should add additional parameters, just like with the SMS token type. * CA Connector * Certificate template * [x] generate...

All these buttons. Pressed wrong. However, we never claimed to be able to change passwords in FreeIPA, so I change this to *Enhancement* and adapted the subject.

Let's look into your CA config. The openssl CA can be configured in many ways. E.g. I can enroll a certificate token for a user. Then I am able to...

Also check #2510

@nilsbehlen I would start implementing this on the server side: * key ``client_mode`` with the possible values: * ``interactive`` (would be used for OTP tokens, Email, SMS) * ``poll`` (would...

@nilsbehlen Thanks, would it be the same process like u2f? Should be call this "fido" or is "webauthn" or "fido2" specific enough for the clients?