Use this version only with privacyIDEA 3.11 or higher
- Passkey. Unfortunately, usernameless is not possible with AD FS, see the README for recommendations for the use of this plugin. Passkey login can be disabled with the disable_passkey=1 setting.
- Passkey enrollment via validate.
- Changed the parameter names when doing WebAuthn to be uniform with passkey. That is why privacyIDEA 3.11 is required for WebAuthn to work.
- Added auto_submit_otp_length setting to set a OTP digit count for which to automatically submit the form.
- Removed preferred_client_mode setting in favor of the policy in the privacyIDEA server.
- Token enrollment via challenge-response
- Preferred client mode can be set from the server
- Add German (de-de) and British English (en-gb) as supported languages.
- Option to enroll TOTP token if the user has none. This requires a service account to be set (#17)
- Option to forward selected headers (#24)
- Option to set the TLS version explicitly. By default the system version is used as advised by Microsoft (#23)
- Option to set a custom hint for the OTP input (#21)
- Option to set the preferred token type (if such token was triggered, see docs) (#32)
- If a user has multiple WebAuth token, all of them will be usable now (#29)
- Fixed an issue that would prevent multiple consecutive challenges from working
- WebAuthn
- Configurable Windows Domain to privacyIDEA realm mapping
- OTP Token like HOTP and TOTP
- Challenge-Response with Email and SMS
- Push Token
- MSI Installer