Skip to content

idp reports back if user has 2fa

o@ungehorsam.ch requested to merge idp2fa into master

the idp returns a different authncontext depending on the user having 2fa enabled. by default it returns

urn:oasis:names:tc:SAML:2.0:ac:classes:Password

with 2fa

urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordWith2FA

there seems to be no agreed upon standard what to return and also no sensible default option.

Merge request reports