type => "object",
properties => {
realm => { type => 'string' },
+ tfa => {
+ description => "Two-factor authentication provider.",
+ type => 'string',
+ enum => [ 'yubico', 'oath' ],
+ optional => 1,
+ },
+ comment => { type => 'string', optional => 1 },
comment => { type => 'string', optional => 1 },
},
},
my $entry = { realm => $realm, type => $d->{type} };
$entry->{comment} = $d->{comment} if $d->{comment};
$entry->{default} = 1 if $d->{default};
+ if ($d->{tfa} && (my $tfa_cfg = PVE::Auth::Plugin::parse_tfa_config($d->{tfa}))) {
+ $entry->{tfa} = $tfa_cfg->{type};
+ }
push @$res, $entry;
}
my $realm = extract_param($param, 'realm');
- die "unable to modify bultin domain '$realm'\n"
- if ($realm eq 'pam' || $realm eq 'pve');
-
die "domain '$realm' does not exist\n"
if !$ids->{$realm};