15.2.1.2.13. Registration Code Token

class privacyidea.lib.tokens.registrationtoken.RegistrationTokenClass(aToken)[source]

Token to implement a registration code. It can be used to create a registration code or a “TAN” which can be used once by a user to authenticate somewhere. After this registration code is used, the token is automatically deleted.

The idea is to provide a workflow, where the user can get a registration code by e.g. postal mail and then use this code as the initial first factor to authenticate to the UI to enroll real tokens.

A registration code can be created by an administrative task with the token/init api like this:

Example Authentication Request:

POST /token/init HTTP/1.1
Host: example.com
Accept: application/json

type=registration
user=cornelius
realm=realm1

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
   "detail": {
     "registrationcode": "12345808124095097608"
   },
   "id": 1,
   "jsonrpc": "2.0",
   "result": {
     "status": true,
     "value": true
   },
   "version": "privacyIDEA unknown"
 }

Create a new token object.

Parameters

db_token (Token) – A database token object

Returns

A TokenClass object

static get_class_info(key=None, ret='all')[source]

returns a subtree of the token definition

Parameters
  • key (string) – subsection identifier

  • ret (user defined) – default return value, if nothing is found

Returns

subsection if key exists or user defined

Return type

dict or scalar

static get_class_prefix()[source]
static get_class_type()[source]
password_detail_key = 'registrationcode'
post_success()[source]

Delete the registration token after successful authentication

update(param)[source]

This method is called during the initialization process. :param param: parameters from the token init :type param: dict :return: None