Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
TOTP GUI restriction for Users
« previous
next »
Print
Pages: [
1
]
Author
Topic: TOTP GUI restriction for Users (Read 1377 times)
nlaird80
Newbie
Posts: 16
Karma: 0
TOTP GUI restriction for Users
«
on:
September 06, 2016, 10:02:30 pm »
We allow our users of VPN to sign into the management GUI and only access the password management page. This lets them self-service a password change. What we would also like to allow is self-service for TOTP seeds (at a minimum the ability to get their QR). I cannot determine if there is already a permission in the access-control.
Any way to allow self-service for this? I would even be willing to accept self service to their own account management page (but not other users')
Thanks!
Logged
franco
Administrator
Hero Member
Posts: 9007
Karma: 609
Re: TOTP GUI restriction for Users
«
Reply #1 on:
September 19, 2016, 12:45:46 am »
Hi there,
At the moment there is no "profile" page for users that is tailored for read-only access of their settings.
I don't know what the best place would be for such a feature and what other data it should display.
Aiming for a simple solution... maybe showing the QR code on the password change page would be enough if the user has an OTP seed assigned?
Cheers,
Franco
Logged
nlaird80
Newbie
Posts: 16
Karma: 0
Re: TOTP GUI restriction for Users
«
Reply #2 on:
September 21, 2016, 09:02:22 pm »
That would most likely be enough. We just want users to be able to change their own passwords and/or get their QR code without the admin from manually distributing them all (50+).
Logged
franco
Administrator
Hero Member
Posts: 9007
Karma: 609
Re: TOTP GUI restriction for Users
«
Reply #3 on:
September 21, 2016, 09:17:25 pm »
I've recorded this as ticket
https://github.com/opnsense/core/issues/1197
just now, thanks
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
TOTP GUI restriction for Users
