Cornelius Kölbel

# How the phone authenticates The challenge for such endpoint is, that we do not have an authorization header. While a user or admin triggers the first step of the...

Search by typing and issue two requests via ``GET /token`` and ``GET /user``. Under the search input field the found resulst are displayed similar to the tokenlist view or the...

See https://privacyidea.readthedocs.io/en/latest/policies/authorization.html#auth-max-success We could implement this in a similar way, like auth_max_fail and auth_max_success: `auth_max_challenge`.

This is similar to #3078 We could add additional information to the audtit log: * [ ] All serial numbers (types) of tokens that received challenge response * [ ]...

Further thoughs: * How should we know the information how many sms where sent? * It could be saved in the tokeninfo. * It could be read from the audit...

A simple setup could be to increase the fail counter when the challenge was sent. (This could be configurable) (see "Increase Failcounter on False PIN".

In a perfect world you are totally right. The policy names are keywords. So if we would change this, we would have to write manual migration scripts for all configured...

@cmbyrne Thank you for your request. You could push this by * adding a link to the docs and the parameter * adding a link to code * giving a...

@cmbyrne Can you give an example or suggestion how you would like to configure (an thus save) the schema in the resolver configuration?

I think this is really not that important to skip actual issues in our weekly project. Is it too complicated to educate IT guys to run script as root. are...