You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a challenge is answered with PIN + OTP but without transaction_id, the challenge will not be deleted from the challenge table. (see sbidy/privacyIDEA-ADFSProvider#15).
We could add an additional parameter delete_challenge=1 in the /validate/check request to indicate that the challenges for this serial number should be deleted in case of a successful authentication.
The text was updated successfully, but these errors were encountered:
Reading through the problem in the ADFS Provider it was actually due to different transaction_ids.
In the meantime we have the same transaction_id for all tokens in a chal-resp auth request and reworked the handling of the transactions. I am closing this.
If a challenge is answered with
PIN + OTP
but without transaction_id, the challenge will not be deleted from the challenge table. (see sbidy/privacyIDEA-ADFSProvider#15).We could add an additional parameter
delete_challenge=1
in the /validate/check request to indicate that the challenges for this serial number should be deleted in case of a successful authentication.The text was updated successfully, but these errors were encountered: