Before a user can use a software token to authenticate, you must assign and distribute the token to the user. You can assign up to three tokens to a single user.
Authentication Manager provides dynamic seed provisioning, which uses the Cryptographic Token Key Initialization Protocol (CT-KIP) to generate token data without the need for a token file. After you complete the provisioning steps, Authentication Manager displays the URL link of the CT-KIP server and the token activation code. You need these two pieces of information in order to deliver the token to a device as a URL.
Before you begin
Confirm the following:
- Software tokens have been imported.
- Software token profiles have been added.
Procedure
-
In the Security Console, go to the Home page.
-
Use Quick Search to find the user.
-
Select the user to whom you want to assign a token.
-
Under Assigned SecurID Tokens, click Assign More Tokens > Assign Software Tokens.
- Select a token from the list or search for a token in the search bar.
- Click Assign Token(s).
- From the Select Token Profile drop-down list, select a software token profile with dynamic seed provisioning as the delivery method.
After you finish
Use dynamic seed provisioning to deploy a software token on a user's device. For instructions, seeDistribute One Software Token Using Dynamic Seed Provisioning.
Related Concepts