Allow specific token types only


I have not found any option to force specific token type for different situations.
For example, I use push tokens with RD Gateway - it works great. But I do not need using any other tokens for RD Gateway. So now, if user does not Accept push token (or just the request became invalid by timeout) he still gets OTP by email. If user Accepts push then he does not get email OTP.
Can we do something to disable sending OTP by email if user haven’t accept push?


You could work on

Thanks! Good to know that you have such feature request. But I can only hope that this feature will be released sometime :slight_smile:

Actually we need email token only once for user’s first login to PI. I have done an event handler to enroll email token while user logs in to PI first time. After that user enrolls Push token and we do not need email token anymore.
So now I’m trying to disable email token with an event handler. I have tried several configurations but without success. Here is an example:

  • Events: auth
  • Handlermodule: Token
  • Position: post (tried Pre too)
  • Condition: otp_counter: >1 and tokentype: email (have tried some other conditions)
  • Action: disable
    And this event handler doesn’t work. Cannot find anything useful in log files.
    Absolutely similar event handler for SMS tokens works fine.

Do you have any ideas why this handler doesn’t work?