000029745 - RSA SecurID On-Demand Authentication (ODA) requires submitting the token within two minutes or 120 seconds after the PIN is submitted

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support on Jan 8, 2020
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000029745
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
IssueThe server will accept On-Demand Authentication tokens for up to 60 minutes after the token has been requested with a submitted user ID and PIN. However, an agent setup in multi-transaction mode will only allows the token to be submitted within 120 seconds or two minutes.

This is the currently functioning as designed. 
ResolutionTwo options are available when using ODA:
  1. Educate users that they need to submit the token within two minutes of requesting it.
  2. A somewhat cumbersome option is that after the user submits the user ID and PIN then receives the tokencode, abandon the login session entirely, and create a new authentication session. Since the token is good for 60 minutes, the user logs in this second time with user ID and this time enters the tokencode.