RSA SecurID Access My Page is a web portal that helps provide a secure way for users to manage their devices. Users can complete RSA SecurID Authenticate device registration and delete their devices (if necessary).
You must enable My Page if you want to use it. You select the primary authentication method and the policy used for additional authentication for signing into My Page.
Each user can use My Page to register two devices: one device that supports Android, iOS, or Windows, and one FIDO Token.
|Android, iOS, or Windows||After you enable My Page, all users must go to My Page to register these devices using multifactor authentication and QR or numeric registration codes.|
|FIDO Token||By default, all users must register their FIDO Tokens during authentication the first time they attempt to use their tokens, even if My Page is enabled. If you want users to register FIDO Tokens in My Page, you must enable both My Page and FIDO Token registration on Platform > My Page. After both functions are enabled, users can no longer register FIDO Tokens during authentication.|
Before you begin
- You must be a Super Admin in the Cloud Administration Console.
Know which access policy to use for additional authentication.
Confirm that the access policy contains authentication methods that are not used for primary authentication and can be completed by the user without the RSA SecurID Authenticate app, for example, SMS or Voice Tokencode. If you are not already using SMS or Voice Tokencode, contact your RSA sales representative for additional information
If you will require users to register their FIDO Tokens using My Page, confirm that the access policy does not require a FIDO Token.
(Optional) Select your company logo to display in My Page. The image file must be JPG or PNG format, and no larger than 50 KB. The maximum logo size is 220 x 80 pixels. The same logo can also be used to display on additional authentication prompts.
In the Cloud Administration Console, click Platform > My Page.
Enable My Page.
In the Authentication section, in the Primary Authentication Method drop-down list, select the authentication method to use. Note the following:
If you select FIDO Token, note that users cannot complete registration when authenticating for the first time with a FIDO Token as a primary authentication method. Be sure that users can first complete registration by accessing an application or My Page that requires FIDO Token as additional authentication. Then users can use FIDO Token as primary authentication for this application.
If you select Managed by Cloud Identity Provider, select the Cloud identity provider from the list.
In the Access Policy for Additional Authentication drop-down list, select the access policy to apply if primary authentication succeeds.
If you selected Managed by Cloud Identity Provider in the previous step, you might want to select an access policy that does not require additional authentication, so users are automatically authenticated to My Page by the Cloud identity provider.
(Optional) In the Configuration section, click Upload Logo, and select the company logo to display in My Page.
If you do not specify a logo, My Page contains only the RSA SecurID Access logo. To delete an existing logo, click the minus sign.
If you want the same logo to appear on pages used for additional authentication, select Use custom logo for additional authentication prompts. If you do not select this option, no logo appears during additional authentication.
If you want to allow users to delete their devices in My Page (for example, when they get new mobile devices and need to complete device registration), leave the box selected. If not, clear the Users can delete devices in My Page box.
If you clear the box, administrators can delete users' current devices as described in Manage Users for the Cloud Authentication Service .
- If you want to require users to register their FIDO Tokens in My Page, select Users can register FIDO Tokens in My Page. My Page must also be enabled.
If you want the Cloud Authentication Service to automatically send emails to users when they complete RSA SecurID Authenticate device registration, add or delete additional companies, or delete registered devices, click Device Registration & Deletion Emails and follow the instructions on that page.
(Optional) If you want to redirect users to a specific URL after they sign out of My Page, enter the URL in the Logout URL field.
If you do not specify a URL, users are redirected to the My Page URL.
(Optional) If you want to redirect users to a specific URL after they encounter an error, enter the URL in the Error URL field.
If you do not specify a URL, users are redirected to the logout URL or the My Page URL (if the logout URL is not specified).
If you are configuring My Page for single sign-on in an unsolicited response flow, copy the Assertion Consumer Service (ACS) URL for Unsolicited Responses value into your identity provider configuration settings.
- Click Save.
We want your feedback! Tell us what you think of this page.