Hi all, the context is mfa-composite (gauth+webauthn), redis (valkey actually), cas 7.3
in v7.3, a new remove button appeared (vs 7.2) in account manager/mfa devices manager, so that an user would remove his mfa devices. It works well when removing a webauthn device, but not for a gauth device. But, with curl on the gauthCredentialRepository endpoint, it's working : curl -k -X DELETE "https://localhost/cas/actuator/gauthCredentialRepository/username"; -> the gauth device disappear from the account manager portal. The gauth device looks like it's stored in the CAS-TOKEN_PRINCIPAL:username entry in the redis db, with a no limit expiration-date. properties in this test are : trusted-device-enabled: true multiple-device-registration-enabled: false device-registration-enabled: true Regards, -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00932c94-203a-449f-afef-bcb5919cc594n%40apereo.org.
