If you are not using your own source code but use the precompiled privacyIDEA Authenticator released by the company NetKnights, this has the following meaning for you.

Breaking Change in Push-Functionality

In order to increase the stability of the push functionality and the reliability of the delivery of the push messages, we decided to revise the configuration of the Firebase project. As of version 4.0, the app works with a central Firebase project that is managed by NetKnights.

That means your privacyIDEA server will no longer be able to notify the push tokens in the app version 4.0 via the Firebase project you have configure individually. To enable the new and more stable notification feature, you either need to recompile the App or get a subscription from NetKnights to gain access to the central Firebase project.

However, you can also use the precompiled and released Authenticator App without the need for a Firebase project.

Using Push-Token without Firebase project

In this scenario you will use the Push-Poll functionality, where the Authenticator polls the challenges from the privacyIDEA server. Users will have to have the privacyIDEA Authenticator App in the foreground to receive messages.

You need to proceed as follows.

1. Update the privacyIDEA server to version 3.7.1. This will ensure a flawless polling functionality
2. If not yet configured, create a policy in scope “Authentication” with the setting “push_allow_polling” = “allow”.
3. If not yet configured, create a policy in scope “Enrollment” with the setting “push_firebase_configuration” = “poll only”.
4. If you already have a “push_firebase_configuration” policy, change it to “poll only”.
5. To receive the Push notification, the user must open the privacyIDEA Authenticator. The notifications will be polled or the user can actively poll the notifications by swiping downwards.
6. The configuration of the Firebase project in your privacyIDEA server can be deleted.

We are about to release a new version of the privacyIDEA Authenticator. We moved to a new framework “Flutter”. It is supposed to ease the life of the developers and create more stability between the Android and the iOS app.

The new version is supposed to provide better PUSH token functionality. It will also provide the possibility to “poll” the PUSH notification – sounds strange, right? It can be. But this is necessary if for some reason the concatenated push services of Google and Apple do not work out as expected. Then the smartphone will poll the privacyIDEA to check, if there is a challenge available.

privacyIDEA 3.4 is required in the backend for PUSH-poll to work.

A beta version of the new privacyIDEA Authenticator is available now via Testdrive Testflight. If you want to participate, register here.

We are looking forward to your feedback.