I would like to reduce the vector of brute force attacks in my web
application written in php. Users can login via passord and otp which
are hosted on freeipa.

To achieve this I would like to check the otp first, so no password auth
is done on the freeipa server and no user can be locked out.

If the otp is correct, the user is now allowed to to login via password+otp.

unfortunately, there is no api method that can check only the otp for a
user with an  identity.

Would it be possible to expose such a new method?

kind regards

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to