12.2. Token Enrollment Wizard¶
The enrollment wizard helps the user to enroll his first token. When enrolling the first token, we assume, that the user is not very familiar with the privacyIDEA web UI. So the enrollment wizard only contains a very reduced API.
12.2.1. Necessary requirements for the enrollment wizard¶
The enrollment wizard will only be displayed, if the user has no token assigned, yet. Thus the user must be able to login to the web UI with his userstore password. This is the default behaviour or set the corresponding policy.
Set a policy in scope webui and activate the policy action tokenwizard.
The user will not be able to choose a token type. But the default token type will be enrolled.
You can see the token enrollment wizard in action here: https://www.youtube.com/watch?v=diAGbsiG8_A
There are two dialog windows in the wizard. You can configure the text in the wizard in your html templates defined in these files:
Before the token is enrolled you can add your custom text in these two files:
When it is enrolled and the user needs to do something (e.g. scanning the qr-code), you can modify the text here:
You can change the directory static/customize to a URL that fits your needs the best by defining a variable PI_CUSTOMIZATION in the file pi.cfg. This way you can put all modifications in one place apart from the original code.
Your privacyIDEA system is running in the URL sub path
The files could be addressed via a path component
mydesign (in this case
Thus the WebUI will look for the files in the URL path
So you set in
PI_CUSTOMIZATION = "/mydesign"
Your customized files are located in
In the Apache webserver you need to map
Alias /pi/mydesign /etc/privacyidea/customize