Hello, Very new to freeipa but find it to be very powerful and very capable. I have been using Keycloak for some time now and am interested in using FreeIPA as a OTP password provider (if possible).
I am running FreeIPA 4.10.2 and am having problems with a plain/regular user creating a OTP token from the GUI and the created token is based as SHA1. I would like for it to be either SHA256 or SHA512. I have spent many hours scouring the web and am unable to find where this is a user-selectable option under the user's login. I am also unable to find it in any of the settings while logged in as admin. I did make a change to: /usr/share/ipa/ui/js/freeipa/app.js and changed the default to sha512 and if I were to login as admin and create a new token for a user (testuser), I do have a GUI ability to choose the strength of the OTP token. However, this is not presented to a normal user (belonging to only ipausers group). How do I change/enable this ability for a plain user to login to freeipa server, create a OTP token and change the hash strength? Any help would be greatly appreciated. Thanks, Jeff -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
