https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Bug ID: 32404 Summary: Two-factor authentication for staff client doesn't work for all staff accounts Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: kelly@bywatersolutions.com QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org With the new feature, Two-factor authentication for staff client - TOTP, staff permissions seem to be needed to activate this: my ( $template, $loggedinuser, $cookie ) = get_template_and_user( { template_name => 'members/two_factor_auth.tt', query => $cgi, type => 'intranet', flagsrequired => { editcatalogue => '*' }, } ); which means that only staff with top-level catalogue permissions can activate their two-factor authentication. However, I believe this should be allowed by all staff accounts which would change this feature to allow staff to have just the "Staff access, allows viewing of catalogue in staff interface (catalogue) " permission. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.