Hello,
I’ve set up an authentication flow with email token.
The authentication is ok, but the audit log errors every time someone authenticate:
I’m on PrivacyIdea 3.5.1.
Is it normal behaviour?
Regards,
Gab
I’m on PrivacyIdea 3.5.1.
Is it normal behaviour?
Regards,
Gab
This is the normal behaviour.
The audit log records every request to the API.
You are using the email token as challenge response.
I.e. the first request to /validate/check is not a finally successful request, but it triggers the email. At the point privacyIDEA does not know, if there is a successful login. This request at least is not a successful login.
If the user then enters the sent OTP value, the user is (successfully) logged in. This is the seconds call to /validate/check.
Note, in newer versions of privacyIDEA, there is an additional field SUCCESS, FAIL, and CHALLENGE.
Also read 6.1. Authentication Modes and Client Modes — privacyIDEA 3.10dev1 documentation for more details.
Hello,
Sorry for the delayed answer.
Thank you for your informations.
Regards,
Gab