Hello,

I have setup a TOTP configuration on an internal Access Manager that stores the secret in an ldap attribute of the user.
Everything works fine so far. Nice and easy process.

We have dedicated Access Manager for internet and intranet and if I configure the same TOTP configuration on the external Access Manager and point to the same attribute, I get the information that I need so setup a token for my user. so I guess the shared secret of the user contains a flag or value that is unique to each Access Manager.

Does anybody know if that flag can be disable via a class property of the TOTP class or something ?
Or do we have to take a look at he java classes to see how that secret gets created ?

Rainer