Hello.
We use PrivacyIDEA with Citrix Netscaler Gateway.
OTP is requested via /validate/triggerchallenge with active authz policy application_tokentype: true.
Requests are being sent through nfactor with the ‘type’ parameter. These requests are filtered by user membership in MS AD groups.
We want to AutoEnroll sms and email tokens via an Event Handler /validate/triggerchallenge, if the user does not have any token of this type.
Apparently there is only a “user_token_number” condition in the “user” section. What we would like to have is a condition based on the token type.
For example, we want to AutoEnroll an sms token if there are 0 sms type tokens but not the total number of tokens. In some cases,
the user may have several types of token and the Event Handler condition will not be met.
Or maybe there is another way to implement it?
thanks