Enable the RSA SecurID Authenticate App for Specific Users

Document created by RSA Information Design and Development Employee on Jun 13, 2017Last modified by RSA Information Design and Development Employee on Jan 24, 2020
Version 13Show Document
  • View in full screen mode

RSA Authentication Manager 8.2 SP1 and 8.3 users who do not have an active RSA SecurID hardware or software token assigned to them must be enabled to use the RSA SecurID Authenticate app by an Authentication Manager Super Admin. Version 8.4 users without active tokens do not require this procedure.

Before you begin 

  • The following Authentication Manager credentials are required:
    • The rsaadmin password.
    • RSA Authentication Manager Super Admin privileges.
  • If you are provisioning a large number of users, you can create a CSV file. The  file must include a column that lists User IDs. You can add an Identity Source column, if you want to specify identity sources for the users. Copy the CSV file to the /opt/rsa/am/utils directory.


  1. Log on to the appliance with the User ID rsaadmin and the operating system password that you defined during Quick Setup:
    • On a hardware appliance, an Amazon Web Services appliance, or an Azure appliance, log on to the appliance using an SSH client.
    • On a VMware virtual appliance, log on to the appliance using an SSH client or the VMware vSphere client.
    • On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
  2. Change directories to /opt/rsa/am/utils. Type:

    cd /opt/rsa/am/utils/

    and press ENTER.

  3. If you enabling a large number of users in a CSV file, type:

    ./rsautil manage-securid-authenticate-app-provisioning -a create -f path -c "User ID"

    Where path is the location of a CSV file and "User ID" is a column name that you specify. You can also specify -d "Identity Source" if the CSV file includes an identity source column.

    If you are enabling a few users, type:

    ./rsautil manage-securid-authenticate-app-provisioning -a create -l list of user ids

    Where list of user ids is a list of User IDs separated by commas. You can also specify -i "identity source name" to search only a specific identity source.

  4. Press ENTER.
  5. When prompted, do the following:
    1. Enter the Super Admin username, and press ENTER.
    2. Enter the Super Admin password, and press ENTER.

    The SecurID app provisioning status lists the number of users that were successfully provisioned. User IDs and reasons are provided for the users that were not successfully provisioned.

    The details are save in the imsTrace.log file in the /opt/rsa/am/server/logs directory.



We want your feedback! Tell us what you think of this page.