Questions tagged [token]

27 questions
8
votes
4 answers

Use standard USB flash disk as security token

We want our users in company to login their computers by using their USB Flash Disks or something else. Is there a way to achieve this without buying a USB token from a company ?
Harun Baris Bulut
  • 455
  • 1
  • 8
  • 20
5
votes
3 answers

Are OTP/OATH (RFC 4226) Hardware Tokens Re-seedable?

We set up a two-factor authentication system that uses Google Authenticator to use OTP via mobile phone apps. Some of our users however don't have smart phones so we want to be able to use hardware tokens with it. If the secret key/seed set by the…
Andrew Case
  • 3,409
  • 3
  • 21
  • 38
4
votes
3 answers

Is there a way to setup oAuth with Openvpn or wireguard?

I'm looking to build a set of services that require a single sign on. Basically, you login to my oAuth provider, and you have access to an openvpn connection(or wireguard) and a website, without additional security needed, with the possible…
SoftwareRocks
  • 41
  • 1
  • 3
3
votes
1 answer

ADFS: Convert SAML Assertion to OAuth Token?

We have Microsoft Active Directory Federation Services (ADFS) as our authentication/federation provider. We use it for performing identity federation via SAML to several external vendors, SaaS providers, etc. In addition, we have several vendors…
Shadowman
  • 71
  • 1
  • 8
3
votes
1 answer

Win7 UAC tokens

It is known that under win7 UAC you receive 2 tokens when you logon to the system: std user token and admin token. If I disable UAC, what should I get? only admin token? or still both with no consideration to the UAC status?
Talc
2
votes
1 answer

How do OAuth servers deal with a `refresh_token` requested multiple times?

In the OAuth2 authentication process refresh tokens should be used only once. When the refresh_token is used it will return a new access_token and a new refresh_token. This is also in the RFC6819 spec: 5.2.2.3. Refresh Token Rotation Refresh…
Wilt
  • 683
  • 8
  • 13
2
votes
0 answers

Protect cached content in apache

I'm facing an issue where I have some cached contents in a disk and I want to protect it with a token url. I can protect my files via htaccess, once they are not cached (direct access), but now I need to protected files that are in cache. Anyone can…
2
votes
5 answers

Are token-ring networks still in use? What products are available?

I'm looking for some materials on current usage of token-ring network? Is there any token-ring device in the market? If there is, what are the names?
Jichao
  • 2,937
  • 4
  • 17
  • 14
1
vote
1 answer

Solaris compatible smart card / token

I'm looking for a smart card (+reader) and (or) usb token compatible with Solaris 10 x86 and OpenSolaris. Can someone suggest?
disserman
  • 1,850
  • 2
  • 17
  • 35
1
vote
1 answer

OAUTH / OIDC - Client auth using a signed JWT instead of a secret

I'm sending out the signal flare after exhausting my search efforts. I feel I'm real close to getting this working but hit the wall. Below details an example of what I'm trying to accomplish and the steps taken so far. Please point out errors and…
Jarred
  • 21
  • 4
1
vote
2 answers

ONLYOFFICE - JWS secret doesn't work (can connect without)

I'm running ONLYOFFICE Document Server under an https:// vhost on nginx on Ubuntu Server 18.04 LTS. It's reachable at onlyoffice.example.com and I also have a Nextcloud instance at nextcloud.example.com that it integrates with. To prevent…
Manchineel
  • 131
  • 2
  • 11
1
vote
1 answer

Use a physical cryptographic token with OpenVPN community (free) version

I am currently setting up OpenVPN to provide company access to multiple clients. Our requirement is to use certificates, password protect the client keys, as well as using dual factor (MFA) authentication per client. I have a bunch of Fortinet…
lobi
  • 1,021
  • 2
  • 14
  • 26
1
vote
5 answers

Which multi-factor access tokens are most suitable for use in an enterprise network?

I am interested in exploring all of the options to enable multi-factor domain authentication on an Active Directory network. I exclude no technologies from this question however I do prefer simpler implementations to elaborate configurations. …
user13846
  • 266
  • 1
  • 7
0
votes
2 answers

AWS access token for user assuming role

How to have access token per user assuming a role in another account? I have users which have an Access Token on the root account. They have access to another account (dev) through assumed role. I'm stuck now because on the dev account, I don't have…
Kaymaz
  • 223
  • 3
  • 11
0
votes
1 answer

"Can't authenticate you" when trying to run a DigitalOcean API command

I tried to run this command for rebuilding my droplet: curl -X POST "https://api.digitalocean.com/v2/droplets/MY_DROPLET_ID/actions" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer MY_API_TOKEN" \ -d…
Arcticooling
  • 119
  • 1
  • 14
1
2