Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
For certain policies it might make sense to allow the tokentype to be taken into accout like:
But there are a lot of other policies, where it would not make sense or where it would result in wrong expectations
So the question is, if it makes sense at all to add further conditions to the policies or to split the actions, where it seems to be necessary like:
In some scenarios we already have this distinction like totp_hash and hotp_hash.
This is why tokenclasses were allowed to add policy-actions in the first place.