idp reports back if user has 2fa (!28) · Merge requests · immerda / Immerda Apps / iapi

o@ungehorsam.ch requested to merge idp2fa into master Dec 03, 2020

the idp returns a different authncontext depending on the user having 2fa enabled. by default it returns

urn:oasis:names:tc:SAML:2.0:ac:classes:Password

with 2fa

urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordWith2FA

there seems to be no agreed upon standard what to return and also no sensible default option.

idp reports back if user has 2fa