Push Token - /auth Authorization Token

I’ve been testing the push tokens for a little bit. It works great for a /validate/check but I wanted to ensure I was doing the /auth workflow properly.

I need to be able to get the authorization token and here is what I have been doing to get it:

  1. Call /auth endpoint with correct PIN
  2. Receive response that token needs to be confirmed on device
  3. Confirm within privacyIDEA authenticator
  4. Respond to the /auth with a blank PIN (using the challenge/transaction ID from #2)
  5. Authorization token is provided in response

Is this the proper workflow for this or will this change in the future?

You want to get an authorization token with a PUSH token?
What is your scenario?

Basic thing is:

My scenario is having a small web application that allows a user to view/edit/set PIN on their own tokens.

For all standard tokens or challenge based it works as follows:

  1. Send PIN to /auth
  2. Receive challenge and send challenge response back to /auth
  3. Receive auth token

For push tokens I have the following setup:

  1. Send PIN to /auth
  2. Display notification to user to accept request on their phone
  3. Poll /token/challenges until it is marked answered or it expires
  4. <What do I do here to get the auth token now that the /token/challenges has been marked answered>

For #4 in the push token, I have been sending back a /auth with a blank PIN after I find the /token/challenges has been answered and it appears to function properly, but I wanted to confirm that this was the proper way to get the auth token.

If I understand you correctly, you could do this in the following way:
4. do /auth username=yourUser transaction_id=yourTransactionId
This should work