Hello everybody,

I would like some advice on the usability of the following setup or an alternative if I can better setup something different.

I want to setup a CentOS 7 server with FreeIPA and an other CentOS 7 server for Ipsilon.

I want to enable the OTP 2-Factor Authentication with FreeIPA and use Ipsilon to profile SAML2 integration for other service that I have running like Zimbra, NextCloud etc.

How would FreeIPA OTP 2FA work for the end-users in combination with Ipsilon?

Will there be an Ipsilon webpage that will serve as the main login page with redirects to Zimbra, NextCloud etc and will this webpage support the OTP 2FA of FreeIPA?

The token generation for the users will that go through Ipsilon webpage or FreeIPA as front-end?

Kind regards,

Jelle de Jong