On to, 11 maalis 2021, dd4321 Dey via FreeIPA-users wrote:
Hi
Is it possible to add/generate OTP token without using IPA user
interface ? Due to security reasons, i don't want to give access to IPA
web interface to users. Recently, i have configured password manager
which integrates OpenLDAP/IPA server. So each user can change their
password using password manager eliminating needs for accessing IPA web
UI. In the same way, is it possible to do the same i.e generating OTP
token using any third party application ?
Use IPA command line tools. They have everything you see in UI and even
more as some functionality is not implemented in Web UI yet.
'ipa otptoken-add' would add the token and display the QR code in
console. This is basically the same as in UI.
IPA command line tools have help and self-discovery, use it:
ipa help
ipa help topics
ipa help otp
ipa help otptoken
ipa help otptoken-add
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland