Today NetKnights GmbH releases the simpleSAMLphp plugin in version 2.1.1.
With the privacyIDEA simpleSAMLphp plugin the administrator can add 2FA to the Single Sign-On IdP by authenticating against privacyIDEA.
The second factor only once or every time
In version 2.1.1 the administrator can now configure whether a user has to enter the second factor once per application when logging in, or only once at the beginning of the session. In this case the user is not asked for the 2nd factor anymore, when switching applications.
This allows the administrator to choose between higher security and better usability.
The plugin is available via Github and also via installation using Composer. We recommend the installation via Composer.
A packaging for the 2FA login on the Univention Corporate Server will follow.