Identity Attribute Definitions for On-Demand Tokencode Delivery by Text Message

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

Authentication Manager 8.2 must have access to the identity source attributes where you store mobile phone numbers and e-mail addresses. Authentication Manager automatically maps to the e-mail and mobile attributes in the internal database and an LDAP directory. Using the Security Console, you can also map to custom attributes in the internal database and an LDAP directory.

If you want to deliver on-demand tokencodes by text message, use the following table to determine the necessary attribute configuration to ensure that Authentication Manager can access user mobile phone numbers.

                           

Identity Sources In Your Deployment

Configuration

Internal database

No attribute mapping required.

At least one LDAP directory identity source, and you want to use the mobile number value in the LDAP directory “mobile” field.

No attribute mapping required.

When you add an external identity source, Authentication Manager automatically links to the “mobile” attribute in an LDAP directory.

When you configure on-demand tokencode delivery, select Mobile Number from the User Attribute to Provide SMS Destination drop-down menu on the SMS Configuration page.

At least one LDAP directory identity source, and you want to use the mobile number value in an LDAP directory field other than the “mobile” field.

You may edit the identity attribute definition, Mobile Number, so that it maps to the LDAP directory attribute where you store users’ mobile numbers, or you can create a new identity attribute definition.

When you configure on-demand tokencode delivery, select Mobile Number from the User Attribute to Provide SMS Destination drop-down menu on the SMS Configuration page.

At least one LDAP directory, and you want to store user mobile numbers in the internal database because the LDAP directory does not contain mobile numbers.

You must create an identity attribute definition for user mobile numbers that is always stored internally.

When you configure on-demand tokencode delivery, choose the attribute that you created from the User Attribute to Provide SMS Destination drop-down menu on the SMS Configuration page.

 

 


Attachments

    Outcomes