For users; disable PIN and force to select only one Token Type

Hi community members,

I’m newbie with the PrivacyIDEA. My question is; is it possible to, when user logged in the webui, hide create pin control and force to select only one token type? For example, user can only select TOTP (perhaps cannot select other token types, or completely hide this control) and user not have to enter pin.


Not exactly sure how to hide the PIN input boxes…though I know you could always customize the HTML and just remove that div.

As for the token type selection, that can be controlled via policies. Create a user scoped policy and under the enrollment section, you’ll see a list of tokens you can set that the user is eligible for.

I would also recommend considering the below settings. The settings under the miscellaneous section are for compatibility with the Google Authenticator app.


1 Like

Thank you very much.

By the way: If you do not use all tokentypes, it is also practical to restrict your superadmin by disabling several enroll* policy actions to shorten the tokentype list.