Cornelius Kölbel

There is also the *pw* token, which could be used with event handlers and additional tokeninfo values to achieve probably all scenarios. According to https://login-success.podigee.io/9-features-oder-konzepte I want to avoid implementing...

In our last BAM we discussed this in more detail: # Identify the machine A request is sent from the client to privacyIDEA. How would it be possible to identify...

# Implementation If we already seleced a scope, then we should only search in this scope. If no scope is selected, we could search in all scopes. But then, wen...

This is a good idea, I split this.

Interesting. PSKC is rather used to transport crypto data between different systems. These will most probably also handle user names or identifiers differently. This would need to be adaptable. However,...

@plettich In regards to replaceing SQLSoup we might also look into #3130 and consider adding a table schema in the SQL resolver config. This might also speed up resolution.

I think you should put "zh_Hans/t" in front of "en". Otherwise your browser could be fine with "en".

I think this is a generic thing. There are many occasions where you can not select the "preselected" value. Look at tokentypes, if a user is allowed to enroll three...

To be able to add the resolver to the signature and also verify the old signatures, we need to add a privacyidea-version number to the signature. We would have to...

A client could call: `/validate/preauthenticate` (could also trigger challenge) and depending on this `/validate/check` `/validate/preauthenticate` would take a parameter `user`, maybe `realm` and also come with HTTP headers. Does it...