In some cases it is desirable if a admin can configure that it is not possible for an user to (over)write specific methods in the self enrollment.

For more flexibillity it would be nice if this can be handled over groups.

As an example:
A company allow self-enrollment for all users. The User should be use the chain TOTP & PIN for authentication.
The TOTP token will be assigned by the admins.
In the self enrollment portal the user is able to change "PIN" for self-/re-enrollment but for the "TOTP" the get only the information that they is not allowed to change the settings.

Comments

  • Good idea. We will get this scheduled. I will update this entry when we have it firmly in a release.

    T