The new version is a plugin for the SSO service simpleSAMLphp, which is used in the Univention Corporate Server. This plugin allows users to use any token type managed in privacyIDEA for single sign-on to simpleSAMLphp and thus to the Univention Corporate Server.
The administrator can manage the users’ tokens centrally in privacyIDEA and define which token types he can issue to users or users can issue to themselves. Until now, users could log in to the Univention Corporate Server’s single sign-on service using a second factor such as a smartphone app, keyfob token, Yubikey, SMS or a code via email.
With the new version 2.0, this is now also possible using U2F and Webauthn tokens. WebAuthn is the latest standard specified by FIDO and the W3C and enables the user to use various authentication objects.