cornelinux
commented
4 years ago This is ment to be a client component for a centrally managed authentication system. I.e. your enrollment processes are controlled process, which should not happen during authentication with 1FA.
Please note, that the user could also login to privacyIDEA self service and enroll a token on his own. However, rollout scenrios are very flexible and thus hard to do. We should not weaken the security.
i am able to login with 2FA ok using TOTP method but only if i manually create TOTP token inside privacyIDEA admin portal. But is there any possibility to generate QR code inside terminal for new TOTP token while you are fresh new user trying to login for first time without any token created so far? like here Video example
thanks :)