On-Demand Tokencodes 77452

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

In addition to receiving tokencodes on hardware and software tokens, users can receive tokencodes on mobile phones or through personal e-mail. You can deliver tokencodes to a mobile phone using Short Message Service (SMS), or an e-mail address using Simple Mail Transfer Protocol (SMTP). Tokencodes delivered using SMS or SMTP are called on-demand tokencodes.

Note:  To use SMS delivery, you must establish a relationship with Clickatell or another SMS provider and integrate SMS with RSA Authentication Manager.

As with the tokencode generated by a hardware or software token, on-demand tokencodes are used with a PIN to achieve two-factor authentication. However, on-demand tokencodes differ from tokencodes generated by hardware or software tokens in the following ways:

  • The user must already be assigned a PIN to use on-demand tokencodes.

    You must either manually assign a PIN through the Security Console, or configure Self-Service to allow the user to request an account so that he or she can set a PIN.

  • The user initiates the request for the on-demand tokencode, either through Self-Service, which you must configure to allow such a request, or through any authentication agent.

    Note:  The on-demand tokencode service is not supported with authentication agents enabled with EAP 32.

  • The on-demand tokencode has a lifetime that you configure, after which it expires and can no longer be used to authenticate.

You can use the Security Console to perform the following tasks.

                                       

Task

Related Information

Configure SMS plug-ins for on-demand authentication (ODA).

Configure On-Demand Tokencode Delivery

Configure the HTTP Plug-In for On-Demand Tokencode Delivery

Import an HTTPS certificate.

Import a Digital Certificate

Configure e-mail for ODA.

Configure E-mail for On-Demand Tokencode Delivery

Generate a PIN for user's initial ODA.

Set a Temporary On-Demand Tokencode PIN for a User

Enable on-demand authentication for a user.

Enable On-Demand Authentication for a User

Disable on-demand authentication for a user.

Disable On-Demand Authentication for a User

Test the integration with your SMS provider.

Test Your SMS Provider Configuration

 

 


Attachments

    Outcomes