I’m creating a simple web page where a user can configure some settings for his account that uses the REST api.
I’ve created a registration token for a user and I’m validating the token using the /validate/check API method.
The validation of the token works, but the token is not automatically removed after the first successful authentication. According to 188.8.131.52.13. Registration Code Token — privacyIDEA 3.6 documentation the token should be automatically removed after first use?
Should the removal of the token not happen automatically? Or should my custom application do that manually using the REST api after using the token?
I’m using privacyIDEA 3.6.
Update: when I look at the token in the admin interface, it seems the Count is not increased when i validate the token. Also when I enter an incorrect value for the registration token, the failcount is not increased for this token.