Manage your token

KeyIdentity LinOTP Server

KeyIdentity LinOTP Server

LinOTP is an enterprise level, an innovative, flexible and versatile OTP-platform for strong authentication, developed and maintained by KeyIdentity GmbH. LinOTP is scaling from small individual installations through middle sized company scenarios to Cloud-Provider requirements.

When your needs grow from a few users to several thousand users and bigger, LinOTP can grow with you and adapt to the changes in your IT environment.

Due to its highly modular architecture, LinOTP works vendor-independent and supports different authentication protocols, token types and user repositories. The software supports multi tenancy, it is easily scalable, user friendly and can quickly and simply be implemented in your environment. With the help of LinOTP the highest security standards can effortlessly be achieved by our customers.

LinOTP is licensed under AGPLv3 for the server components and GPLv2 for the native GUI and command line tools.

LinOTP is also open as far as its modular architecture is concerned. LinOTP aims not to bind you to any decision about the authentication protocol or your user information storage. This is achieved by its totally modular architecture.

Integrate strong authentication in your environment

Integrate strong authentication in your environment

LinOTP and the KeyIdentity Authentication Provider bring a wide range of 2FA integrations into existing environments. Using established authentication standards and integrated APIs, allows us to bring the 2FA authentication to the place you need it.


The FreeRADIUS module (rlm_linotp) allows to integrate LinOTP tightly with your RADIUS setup. The KeyIdentity Smart Virtual Appliance (SVA) comes with a ready setup and integrated RADIUS server for your use with existing solutions. LinOTP is running successfully in customer setups with Citrix Netscaler, Cisco ASA, Juniper/Junos VPNs and many other solutions, based on a RADIUS backend. If you decide to run LinOTP in your native Linux environment, we provide additional FreeRADIUS and Radiator modules to allow a seamless integration. 

Windows, macOS and Linux

The KeyIdentity Authentication Provider family of products allows you to extend the authentication on Microsoft Windows, macOS and Linux (PAM) with strong two-factor authentication. The tight integration allows for advanced features such as Offline Authentication.


A ready to use OpenID identity server is part of LinOTP. Everything needed to register and validate identities with strong authentication provided by LinOTP, is well integrated in the overall LinOTP setup.


The LinOTP API allows for a fast and easy integration of two-factor authentication in your applications. Secure and reliable authentication is only one API call away. Since LinOTP is an API first product, an integration beyond the validation is easy and well documented. 


LinOTP leverages the proven simpleSAML server to provide a SAML authentication enriched by two-factor authentication. 


Integrate your users

Integrate your users

The modular and flexible implementation of LinOTP allows for the integration of a wide range of user storages. Based on open protocols, LinOTP adapts to your environment.

The  user integration allows to combine users from all backends in one collection of users, ready to be used and managed in the extensive policy framework provided by LinOTP. Organize your users based on source, group or other attributes, depending on your needs. 

Possible user storage backends

  • Microsoft Active Directory
  • OpenLDAP
  • 389 Directory Server
  • Oracle Directory Server
  • PostgreSQL
  • MySQL, MariaDB
  • Oracle
  • IBM DB2

Supported user storage protocols

  • Active Directory
  • LDAP
  • SQL
  • Flat File


Choose the authentication method you need

Choose the authentication method you need

KeyIdentity LinOTP is based on established and widely accepted standards for one time password tokens (e.g. OATH, FIDO U2F). This makes LinOTP vendor independent in your choice of token and allows to choose the authentication method you need for the use case you have to solve. You decide the authentication your users need, down to the individual user. 

If the open standards do not provide the functionality to solve your use case, the KeyIdentity 2FA platform provides additional levels of functionality, leveraging the tight integration of your whole product portfolio.

The combination of LinOTP and its API with our KeyIdentity Authentication Providers and the Keyidentity Authenticator allows for secure offline OTP authentication for your mobile users. MacOS and Microsoft Windows Logins are supported.

Software Token

  • KeyIdentity Authenticator
    • KeyIdentity Push-Token
    • KeyIdentity QRToken
    • KeyIdentity QR-TAN
  • All OATH compatible mobile tokens
    • Google Authenticator
    • FreeOTP
    • Micorosoft Authenticator
    • and others
  • All FIDO U2F compatible soft tokens
  • mOTP compatible soft tokens

Hardware Tokens

  • Gemalto SafeNet eToken Pass
  • Feitian c100 c200 c300
  • SmartDisplayer
  • VASCO OATH Token
  • Yubico Yubikey
  • Gemalto OATH Token
  • NagraID
  • All OATH compatible tokens
  • All FIDO U2F compatible tokens

Server Token

LinOTP also comes with a wide range of server integrated tokens to, either enable the usage of out of band tokens or to provide solutions beyond the standard use cases.

  • SMS Token
    • policy based with multiple backends
    • providing HTTPS, SMTP and SMPP protocol backends
  • E-Mail Token
  • One-Time-Use Password

Built-In Token

The modular architecture of LinOTP allows you to break down, for example, the implementation of roaming users or soft migration, optimising your resources and implementations.

  • Forwarding Token
  • RADIUS Token
  • Remote Token
Manage your Tokens

Manage your Tokens

LinOTP comes with a range of administrative interfaces for managing your tokens and users. With the extensive API for management, self service and authentication in the backend, the main interfaces are the web frontends provided with LinOTP. Here you will be able to configure and manage all aspects of LinOTP.

In addition we provide CLI clients for several operating systems to allow scripted actions and enable the integration in common deployment management systems.

With the powerful Self Service API and frontends your users will be able to cater to their needs and reduce calls to your help desk. The users privileges are authorized and managed by your administrators, using the extensive policy framework of LinOTP.

Auto-enrollment and auto-assignment of tokens further help to reduce costs in the rollout process.

Evaluate the KeyIdentity Authentication Provider, SVA and LinOTP

Request your evaluation of the KeyIdentity Smart Virtual Appliance and the KeyIdentity Authentication Provider.

Fast deployment of multi factor authentication in your environment.

Sales-Hotline: +49 6151 86086 - 277