PrivacyIdea ADFS and token types

Hello all,

I’m currently testing PI linked with ADFS and the usage of TOTP tokens. It works fine. It seems TOTP is the only token supported by the ADFS plugin. Am I right ? If it is the case, is there any roadmap to include other type of tokens to the ADFS plugin ?

Thank you very much for your help !

Regards
Nicol

Can you please elaborate on how you come to your assumption that TOTP is the only supported token type?
Thanks.

Hello,

Sorry for my bad english first :grinning: I think it is a limitation of the adfs plugin and not a privacyidea limitation. I was able to enroll u2f token, but it was not possible to use it through adfs (with the adfs plugin I mean)… I hope I am more clear. Thank you in advance for your feedback (and thank you also for your quick reply)

Regards
Nico

it could be that it does not work.
We do not know what software - i.e. which ADFS Plugin you are using.

Hello,

I’m using this one : GitHub - privacyidea/adfs-provider: Authentication provider for Microsoft AD FS to use with privacyIDEA.

I think in fact this one does not support u2f (yet). Check if you can use webauthn, which it does support. But also note, that webauthn is a challenge response token.
To my knowledge the only types which are not supported by this plugin are u2f (can usually be replaced by webauthn) and TiQR.

Thank you Cornelius for your feedback and for your time. Despite it all, I will stay a supporter of Privacyidea :grinning:
Have a nice weekend

Regards
Nico

1 Like