On Tue, Apr 22, 2025 at 11:49 AM Peter Balogh <pe...@svnplus.com> wrote: > > Andreas can you please share more about this? > I've been looking for a solution for this for a while, but I only found > hacks like when entering your password, also add your OTP at the end > every time you do an svn operation
Yuk, what a design... > Is a modern OTP or Oauth authentication possible with httpd and the svn > clients, that's not inconvenient or weird? OAuth is authorizations, not authentication. OAuth is run by the Identity Provider (IdP), and would provide the SAML assertions that the relying party (RP) would consume. Hypothetically, you would pair OpenId with OAuth. That would give you authentication and authorizations. Jeff > On 2025. 04. 22. 17:29, Andreas Stieger wrote: > > > > On 2025-04-22 16:37, Prasu S wrote: > >> Our team is using SVN as a version control tool for source code. We > >> are looking into implementing MFA. Does SVN have built-in MFA > >> capabilities? If so, can you please point me to the documentation? I > >> appreciate any help you can provide. > > > > > > Apache Subversion (mod_dav_svn) supports all authentication options > > supported by or built for Apache httpd. That includes multi-factor, > > various mobile app authenticators, enterprise SSO and SSL client > > certfs. Start reading there. The point is that it is not built into > > svn but httpd.
