Query of the second factor only for previously defined groups
In the new version it is possible to query the second factor only if the user is part of a previously defined group. This new possibility is added in addition to the already existing function of excluded groups. It makes it easier for administrators to define exactly which groups should do two-factor authentication and which should not. For example, in the future it will be easier to protect only accounts with higher permissions by the second factor.
HTTP header forwarding
In addition, selected, configurable HTTP headers can be forwarded to privacyIDEA from the user’s browser or HTTP proxies. This means that it is possible to pass specific information to privacyIDEA. Administrators can use this new setting to create policies in privayIDEA with the conditions.
The last new feature of the update is of interest for users of multiple WebAuthn tokens. In the future, a user who owns multiple WebAuthn tokens can use any of them for authentication.
Availability and Support
Das Plugin kann direkt von Github heruntergeladen werden.
Für den kritischen Unternehmenseinsatz bietet NetKnights für das Keycloak-Plugin als Erweiterung zu privacyIDEA ebenfalls ein Service Level Agreement an.