privacyIDEA provides a bunch of cool features. We try to present them with some nice screenshots.
Users and administrators have a common login form. While users authenticate with the password from their directory (i.e. users locates in LDAP directory authenticate with their LDAP password to the selfservice portal) adminstrators need to authenticate with the two factor against privacyIDEA.
The administrator has a view for all tokens (authentication devices), for all users, for policies and for the audit trail.
A detailed audit view gives the administrator full information about all administrative actions and also all user actions. Events like authentication requests, actions in the selfservice portal, resetting passwords, enrolling tokens are logged. Searching for token serial numbers give the administrator a complete token lifecycle view. The audit trail is digitally signed, so it will be noticed, if an entry was modified or deleted.