how can i use a separate port for privacyidea ui and privacyidea credential provider? because opening port 443 and provide access to the ui to everyone on the server is, to put it mildly, not safe
Hi and welcome,
This is currently not possible out of the box since the Credential Provider and the WebUI use the same API.
You could run two instances which use the same database on different ports, on with the WebUI disabled (add PI_UI_DEACTIVATED = True to the configuration file).
It could also be possible disable the request for the root path in the webserver configuration or redirect it to a different URL (Some browsers might complain about cross origin resource sharing).
no problem, that can’t do this out of the box
I divided the requests for WebUI and for checking the token using Apache config and allowed only certain users to go to WebUI
1 Like