Login webui + register sms token + access challenge

I have installed PI and am able to integrate it with AD.

I need a web LDAP user login to privacyIDEA; it should do auto-enrollment for SMS and it should ask the access challenge “Please Enter OTP:” (this OTP comes from the SMS).

After that it should log in successfully to the WebUI, then it should take us to the enrollment for TOTP.

After successfully registering TOTP, it should delete the SMS token.


This sounds like a cool concept.

So you are using SMS only once for initial enrollment.
You could even delete the initial SMS token, when the user has enrolled his TOTP token!

Hi @cornelinux

What kind of policy and event handler do I need to create for this?

Can you please suggest one with an example?


You should be able to achieve this with an event handler using the “Handler module” → “Script”. Under “Events” → “token_init” for TOTP tokens, it would trigger a token lookup of the user for the SMS type and delete it. The last part, looking up the SMS type and deleting it, would have to be written in a Python script to extend privacyIDEA’s capability to conform to what you are looking for.

You can look at the privacyIDEA GitHub for some great examples of how to script the event handling.
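
One way to write the cleanup script the last reply describes (an added example, not code from this thread or from the privacyIDEA project). It assumes the Script handler is configured to pass `--user`, `--realm` and `--serial`, that an admin API token is available in the hypothetical `PI_ADMIN_TOKEN` environment variable, and that `PI_URL` is a placeholder; it uses the REST endpoints `GET /token/` and `DELETE /token/<serial>`.

```python
import argparse, json, os, urllib.parse, urllib.request

PI_URL = "https://pi.example.com"  # placeholder, not from the thread

def http_call(method, url, auth_token):
    """Send one authenticated REST request and return the decoded JSON."""
    req = urllib.request.Request(url, method=method,
                                 headers={"Authorization": auth_token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def cleanup_sms(user, realm, new_serial, auth_token, call=http_call):
    """Delete the user's SMS tokens once `new_serial` is a finished TOTP token."""
    query = urllib.parse.urlencode({"user": user, "realm": realm})
    reply = call("GET", f"{PI_URL}/token/?{query}", auth_token)
    tokens = reply["result"]["value"]["tokens"]
    # Guard: token_init may fire before enrollment is complete, so require an
    # active TOTP token with an empty rollout_state before removing anything.
    ready = any(t["serial"] == new_serial
                and t["tokentype"].lower() == "totp"
                and t.get("active") and not t.get("rollout_state")
                for t in tokens)
    if not ready:
        return []
    deleted = []
    for t in tokens:
        if t["tokentype"].lower() == "sms" and t.get("username") == user:
            call("DELETE", f"{PI_URL}/token/{urllib.parse.quote(t['serial'])}",
                 auth_token)
            deleted.append(t["serial"])
    return deleted

if __name__ == "__main__":
    # Assumes the Script handler is configured to pass user, realm and serial.
    p = argparse.ArgumentParser()
    for opt in ("--user", "--realm", "--serial"):
        p.add_argument(opt, required=True)
    args, _ = p.parse_known_args()  # ignore any other options the handler adds
    # PI_ADMIN_TOKEN is a hypothetical variable holding an admin API token.
    print(cleanup_sms(args.user, args.realm, args.serial,
                      os.environ["PI_ADMIN_TOKEN"]))
```

The guard on `rollout_state` keeps the user from being left without any second factor if the TOTP enrollment is started but never completed.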