8.7. Gettoken policies¶

The scope gettoken defines the maximum number of OTP values that may be retrieved from an OTP token by an administrator.

The user attribute may hold a list of administrators.

Technically the gettoken policies control the use of the gettoken_controller.

The following actions are available in the scope gettoken:

8.7.1. max_count_dpw¶

type: int

This is the maximum number of OTP values that are allowed to be retrieved from a DPW token.

Note

Issuing only one OTP value per day, this means that this is the number of days, this OTP list can be used.

8.7.2. max_count_hotp¶

type: int

This is the maximum number of OTP values that are allowed to be retrieved from an HOTP (HMAC) token.

Note

As hotp values only expire, when they are used, you can use this to create an OTP list, that can be used from the first to the last OTP value.

8.7.3. max_count_totp¶

type: int

This is the maximum number of OTP balues that are allowed to be retrieved from a TOTP token.

Note

As the default TOTP token generates a new OTP value all 30 seconds, retrieving 100 OTP values will only give you OTP values, that are usable for 50 minutes.

8.7. Gettoken policies¶

8.7.1. max_count_dpw¶

8.7.2. max_count_hotp¶

8.7.3. max_count_totp¶

Table Of Contents

Related Topics

This Page