Cornelius Kölbel

Conceptual Thought: In the tokenclasses we can have a class constant that defines the ``client_mode`` setting value per class. Or can the client_mode differ for a certain token type? I...

@nilsbehlen Do you remember, what "preferred client mode" is?

The Federation Handler currently inherits from the BaseHandler: https://github.com/privacyidea/privacyidea/blob/8cfd93fdd90abafe3b864f9aa9a3f3a182f1da21/privacyidea/lib/eventhandler/base.py#L112 Which is only located in the POST-position. If we would do Pre-Handling, then we could forward requests to different privacyIDEA instances...

> * If the server is acting purely as a proxy, I wouldn't think you'd want any user checking to be performed. If you're meaning in the construction of the...

This is a nice main feature for 3.6.

This should go togeather defined with #2966

We should even drop official support for python

I think this could be part of a bigger, more generic solution (see #1242 or #2993). The Challenge text could also contain other information like the serial number or even...

The challenge itself has limited information. E.g. the [Challenge Object](https://github.com/privacyidea/privacyidea/blob/d1a5533f012090ef83f8d882c9f993ad557911e7/privacyidea/models.py#L1308) does not contain the phone number of an SMS token. It think tag (placeholder) contents can come from: 1. The...

# Implementation ## Policy The policy would be: * scope: auth * action: enroll_token_via_validate=. # This can only take *one* tokentype, since it must be clear, which token would be...