Is it possible to audit which token is assigned to which client’s end device (andorid, apple …etc)? also while enrolling a new token, is it possible to specify a time out of the enrollment process? i mean if the user doesn’t scan a barcode on time, the token will be invalid.
I do not quite understand it. You mean a user has several smartphone app tokens?
And what do you want to do?
You can specify (and increase) the general logout time from the webui in a webui policy. You can not define a special logout time during enrollment.
Thank you for the reply. I mean, is it possible to register/log a user token a long with the smartphone he/she uses? so i can see which token is used on which smartphone device.
The simple enrollment in accordance to the Google Authenticator with the QR code does not tell you anything about the smartphoen.
Answer: No you can not.
You can try to have the user enter a descriptiong (see issue https://github.com/privacyidea/privacyidea/issues/928)
But this would be totally up to the user!