4. WebUI

privacyIDEA comes with a web-based user interface which is used to manage and configure the privacyIDEA server. It is also used a self-service portal for the average user, who manages his own tokens. This section gives an overview on the interface and links the respective sections in the documentation.

4.1. Dashboard

Starting with version 3.4, privacyIDEA includes a basic dashboard, which can be enabled by the WebUI policy admin_dashboard. The dashboard will be displayed as a starting page for administrators and contains information about token numbers, authentication requests, recent administrative changes, policies, event handlers and subscriptions. It uses the usual endpoints to fetch the information, so only information to which an administrator has read access is displayed in the dashboard.


4.2. Tokens

The administrator can see all the tokens of all realms he is allowed to manage in the tokenview. Each token can be located in several realms and be assigned to one user. The administrator can see all the details of the token.


Tokens overview

The administrator can click on one token, to show more details of this token and to perform actions on this token. Read on in Functionality of the Tokens view.

In the Token Applications the administrator can check for all SSH Keys attached to services and for HOTP tokens attached to machines for offline authentication. Also see Machines.

4.3. Users

The administrator can see all users fetched by UserIdResolvers located in Realms he is allowed to manage.


Users are only visible, if the useridresolver is located within a realm. If you only define a useridresolver but no realm, you will not be able to see the users!

You can select one of the realms in the left drop down box. The administrator will only see the realms in the drop down box, that he is allowed to manage.


The Users view list all users in a realm.

The list shows the users from the select realm. The username, surname, given name, email and phone are filled according to the definition of the useridresolver.

Even if a realm contains several useridresolvers all users from all resolvers within this realm are displayed.

Read about the functionality of the users view in the following sections.

4.4. Machines

In this view Machines are listed which are fetched by the configured machine resolvers. Machines are only necessary if you plan special use cases like managing SSH keys or doing offline OTP. In most cases there is no need to manage machines and this view is empty.


The Machines view.

4.5. Config

The configuration tab is the heart of the privacyIDEA server. It contains the general System Config, allows configuring Policies which are important to configure behavior of the system, manages the Event Handler and lets the user set up Periodic Tasks.


The Config section is the heart of the privacyIDEA server.

4.6. Audit

In this tab, the Audit log is displayed which lists all events the server registers.


Events can be displayed in the Audit log.

4.7. Components

Starting with privacyIDEA 2.15 you can see privacyIDEA components in the Web UI. privacyIDEA collects authenticating clients with their User Agent. Usually this is a type like PAM, FreeRADIUS, Wordpress, OwnCloud, … For more information, you may read on Application Plugins. This overview helps you to understand your network and keep track which clients are connected to your network.


The Components display client applications and subscriptions

Subscriptions, e.g. with NetKnights, the company behind privacyIDEA, can also be viewed and managed in this tab.