Agent Credentials
a year ago

Agent Credentials

Agent credentials are used by authentication agents to authenticate with the RSA SecurID Authentication API. After installing authentication agents that use the REST protocol, you must configure the Agent Credentials.

When you enable the RSA SecurID Authentication API, an agent credential is automatically generated if one is not already present in the system. These credentials include an Access ID and Access Key, which authentication agents use to interact with the RSA Authentication API. The agents include these credentials in the HTTP header for authentication requests.

For Hash-based Message Authentication Code(HMAC) mode, the agent should send the hash of the request body instead of the Access Key in the Authorization header. The Access ID is set as X-Access-ID in the Authorization header of the request. HMAC mode enables the agent to create authentication requests by including both the hash of the request body and an HMAC signature.

 

Add an Agent Credential

Agent credentials are added and managed by the Super Admin.

Agent Credential Attributes

Attribute

Description

Access IDThe Access ID is system-generated. By default, the Add New page displays <Will be generated by system>. When you click Save or Save & Add Another, the system generates the Access ID.
Access KeyThe Access Key is system-generated. By default, the Add New page displays <Will be generated by system>. When you click Save or Save & Add Another, the system generates the Access Key.
Deprecated

By default, this option is unchecked and cannot be edited. If enabled, the agent credential will be marked as deprecated in the Authentication Manager authentication activity log.

NotesEnter a note for this agent credential. The maximum character limit is 1020.

 

Before you begin 

You must be a Super Admin.

Procedure 

  1. In the Security Console, go to Access > Authentication Agents > Agent Credentials > Add New.

  2. Enter a note for the agent credential (up to 1020 characters).

  3. Click Save to create the new agent credential.

 

Edit an Agent Credential

You can edit information about agent credentials, such as the Deprecated status and Notes.

Attribute

Description

Access IDThe Access ID is system-generated and is not editable.
Access KeyThe Access Key is system-generated and is not editable.
Deprecated

Displays the existing status of the Deprecated field. When enabled, this agent credential will be marked as deprecated in the Authentication Manager authentication activity log.

NotesDisplays the existing notes for this agent credential. You can enter up to a maximum of 1020 characters.

 

Procedure 

  1. In the Security Console, go to Access > Authentication Agents > Agent Credentials > Manage Existing.

  2. Select the agent credential that you want to edit.

  3. From the context menu, click Edit.

  4. Update the Deprecated status or Notes as needed.

  5. Click Save.

 

Delete an Agent Credential

Deleting an agent credential removes it from the system, and it can no longer be used for authentication requests to the Authentication Manager.

 

Procedure 

  1. In the Security Console, go to Access > Authentication Agents > Agent Credentials > Manage Existing.

  2. Select the agent credential that you want to delete.

  3. From the context menu, click Delete.

  4. Click OK to confirm and remove the agent credential.

 

Manage Existing Agent Credentials

View and manage all the agent credentials that are currently configured in the system.

 

Procedure 

  1. In the Security Console, go to Access > Authentication Agents > Agent Credentials > Manage Existing.

 

Related Tasks

 

 

 

Don't see what you're looking for?