https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41584 Bug ID: 41584 Summary: Don't ask for 2FA OTP after SSO login Initiative type: --- Sponsorship --- status: Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: magnus@libriotech.no QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org We have a setup where 2FA = Enforce, and Shibboleth is enabled. When users choose the SSO login they are redirected to the idP, sign in there and are then return to Koha. But when they are returned to Koha they are asked to provide the 2FA OTP. If they do not have 2FA set up for their account they get a blue box with information about how to set it up, and a key/QR-code. I am not sure if this happens by accident or design, but it seems to me that signing in with the idP should be enough, and Koha should not ask for further "credentials". I might be wrong, though. :-) -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.