privacyIDEA 2.2 released – OTP Offline Authentication

Somewhere far, far away. No LTE.

Today privacyIDEA 2.2 was released.

privacyIDEA introduces the new feature of OTP Offline Authentication. This is based on the concept of Machines and Applications which you can see in the github wiki.

The Offline Authentication uses a new privacyIDEA PAM module to cache authentication information. In regards to the “Machines and Applications” the “Offline Application” is the third application type after LUKS and SSH.

You can update an existing installation via PIP or the Ubuntu packages. Please see the documentation for installation.


  • create resolvers and realms.
  • manage policies.
  • Add LostToken UI.
  • Add Offline Application.
  • Add PAM authentication module with offline support.
  • Add getSerialByOTP. You can determine the Token by providing an OTP value.
  • Add auth_count_max and auth_success_max for each token.
  • Add PIN encryption policy.
  • Add API for SAML.
  • Add bash script for ssh key fetching.
  • Make WebUI logout time configurable via webui policy.
  • Add NTLM authentication to the LDAP resolver.

The image above is CC0 by cocoparisienne at pixabay.

Leave a comment