On October 17th we released LinOTP 2.10.1 to the repositories.

LinOTP 2.10.1

KeyIdentity GmbH is pleased to announce the availability of the following product release:

LinOTP 2.10.1 introduces many improvements, new features, cleanups and bug fixes. The list below provides details of the most important changes. Please also refer to the complete changelog at the end of this newsletter.


  • New Feature: RestSMSProvider

This new SMSProvider enables LinOTP to submit SMS to any SMS Provider (e.g. CLX Communication) with a support for REST API based on a JSON payload. Details about the configuration can be found here:


LinOTP 2.10.1 is available as Debian and RPM packages from Ubuntu packages are available from our PPA on Launchpad. Users of the KeyIdentity LinOTP Smart Virtual Appliance will receive LinOTP 2.10.1 via the integrated auto-update mechanism.

We are happy to assist our support customers in upgrading their environment to the latest release. Please contact us at

The KeyIdentity LinOTP team

KeyIdentity GmbH
Robert-Koch-Stra├če 9, 64331 Weiterstadt

Sales Hotline: +49 6151 86086-277, Fax: -299
Registered Office: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Board of Directors: Nils Manegold, Dr. Amir Alsbih

Changelog LinOTP 2.10.1

Server changes:
  • Server: LDAPUserIdResolver failover: stay with working LDAP-Servers for an incrementing time before retry connecting the first server
  • Server: Add charset/collate clauses to database generation commands: ensures compatibility with recent versions of MariaDB
  • Server: New policy 'forward_on_no_token' to support forwarding of request to remote server if user has no token
  • Server: Allow configuration of the challenge prompt via system/setConfig?SMS_CHALLENGE_PROMPT=MESSAGE
  • Server: New policy 'enforce_smstext' to ignore request param data
  • Server: Support to configure HTTP headers in Rest SMS Provider
API changes:
  • API: Show token enrollment status in userservice/usertokenlist
  • API: Support check_status without user parameter
Web UI changes:
  • Web UI: Add timezone entry to token info dialog
  • Web UI: Update visuals for manage token info
Selfservice changes:
  • Selfservice Portal: Support optional landing page for selfservice portal
  • Selfservice Portal: Show token description in selfservice portal
Bug Fixes:
  • Server: Fix LDAPUserIdResolver failover
  • Server: Search token list with userPrincipalName
  • Server: Fix RADIUS Forward Token
  • Server: otppin=ignore_pin now works alternatively to otppin=3
  • Server: LinOTP server now handles forward proxy definition correctly
  • Server: Fix storing of timeout tuples within the DefaultPushProvider
  • Server: Fix backend for setExpiration UI dialog which failed in some cases
  • Server: Provide error message if update of a license key was failing
  • Server: Set default time zone to make time based tokens work in all setups
  • Server: Support for SQLUserIdResolvers where the user id is defined as int. This fixes actions in the selfservice portal.
  • Web UI: Default for splitAtSign is now correctly displayed in the UI