|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: RSA Authentication Manager
RSA Version/Condition: 8.1
|Issue||An administrator wants to distribute a software token to an end user with a supported Android device.|
|Tasks||Tasks required before distributing a software token:|
See documentation on how to Add a User to the Internal Database or on how to Add an Identity Source to include LDAP users in Authentication Manager.
NOTE: Token seed record XML files are password protected. Refer to documentation on how to Import Token Records.
Refer to documentation on how to Assign Tokens to a User.
Refer to documentation on how to Add a Software Token Profile. Note that you must be a super admin in order to create software token profiles.
To make things easier for admins who are assigning tokens to users, create profile names based on profile settings. For example, a profile for a fob-style Android token with a tokencode duration of 60 seconds with a tokencode of eight digits that is sent via CTF can have a token profile name of Android 1.x 60-8-Fobstyle-CTF.
Other examples are
The end user downloads and installs the RSA SecurID Software Token app onto their device. Download the app from Google Play, from RSA Link or by scanning the QR code below with the device:
Distribute the software token assigned to a user.
In this example; the software token profile used is for an Android device, the tokencode duration is 60 seconds, the tokencode length is 8 digits, the authentication type is where the PIN is integrated with the tokencode (PINPad-style) and the delivery is Compressed Token Format (CTF).
Note that entering the Device ID into the DeviceSerialNumber will bind this specifc software token to this specific device. Should someone else get hold of the Compressed Token Format URL and use it on another device, the following error is seen during the import process:
Invalid device binding. Token import failed. Contact your administrator.
From: IT, Department
Dear <end user>
The embedded compressed token format URL in this email requires the RSA SecurID Software Token app to be installed.
Having installed the RSA SecurID Software Token app, click the compressed token format URL to import it: http://127.0.0.1/securid/ctf?ctfData=200014645550636755120451124566773404444366217705625245167172125502522514311743420
The default PIN for first time usage is ‘0000’ so please visit the Self Service Console at URL https://am81p.company.com:7004/selfservice-console to logon using the software token and set up your PIN.
Please contact the IT department should you have any technical issues.
During the token import process, the end user may be prompted to enter a password (if the software token profile created above requires it).
When the token imports successfully:
The end user is now prompted to enter a PIN:
Clicking the menu button provides the token list, information about the token and online help.
|Notes||Click the link for more information on the RSA SecurID Software Token 2.0 for Android.|