WebUI login challenge text

Hi!
I’ve added several token types (Push and email) for users. All of them work fine.
But can I customize text which tells user what to do when he logs in to PI WebUI?
I’m talking about this text: “Please confirm with one of these tokens:…”
Maybe some policy? I’ve found only how to customize email text or push text for PI mobile app, but not that text in WebUI.
I’d like to tell user something like “Please, confirm your request with PI mobile application”.
We use push poll-only tokens, so users do not have true-push notifications on mobiles.

Thanks!

You can play with the challenge_text and challenge_text_header policy.

https://privacyidea.readthedocs.io/en/latest/policies/authentication.html#challenge-text-challenge-text-header-challenge-text-footer

This is ment, that you could even generate an html list of the challenged tokens.

Try a policy like:

• scope:authentication
• action: challenge_text=do-some-thing.

I have tied to set challenge_text and it does not work.
I’m still get “Please confirm with one of these tokens:…” text when logging in to WebUI.

I’m pretty sure that this policy is applied. I can see it in Audit logs. And some other parameters of this policy work fine (for example emailsubject).

OK, you are right.
this is handled by the mangle_challenge_response decorator (https://github.com/privacyidea/privacyidea/blob/7183060ea8d7487846e47afc8e380d51c8bfce46/privacyidea/api/lib/postpolicy.py#L807) which is only used in /validate/check and not in /auth — the endpoint that is used for logging in to the privacyIDEA webui.

So, is there any chance to change that text some easy way?

I think we need to enhance the policy this way, that it is also used in the /auth endpoint.

So short answer: I do not think so.

Hm, maybe with the mangle handler. But this is a far fetch. So - not easy.

Ok! It would be great if you add such option in some future versions
Thanks anyway!