Depending on the type of token you have created, a different procedure is required when logging on to Shibboleth.

A maximum of 10 consecutive incorrect entries are possible, after which your token will be blocked and you will have to create a new token.

If a valid login is made in the meantime, the error counter will be reset.

The session after a successful login in Shibboleth is valid for 10 hours as long as the browser used is not closed.

TOTP

Enter the value that is displayed in your authenticator app.

Indexed Secret

• Enter the displayed values from your Indexed Secret. Enter the two required values consecutively in the field
• The entry is made without separators or similar

Special case self-service portal

• When you log in to the self-service portal, you will receive a selection of tokens for authentication
• TOTP or Indexed Secret and Recovery Code
• It is also possible to log in to the self-service portal with a recovery code to create a new TOTP or indexed secret token if required
• Note: If you have a TOTP token, the recovery code is currently displayed first in the selection list
• Note: If you log in with Recovery Code, this session is not valid for any other Shibboleth services, but only for creating a new token in the Self-Service Portal