Assign a Replacement Token
You can assign a replacement token to a user if a user’s token has been permanently lost or destroyed, or if the current token has expired.
Instead of replacing an expired software token that was distributed in RSA Authentication Manager 8.2 or later, you can provide a new expiration date and avoid having to provision and distribute the token again. You cannot extend the expiration date if the token is already being replaced. For more information, see Extending Software Token Lifetimes.
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the token that you want to replace.
From the search results, click the token that you want to replace.
Click Replace with Next Available Token.
Related Concepts
Related Articles
Identities with replacement characters showing block instead of characters in RSA Identity Governance & Lifecycle Number of Views How to transfer an existing RSA SecurID token PIN to a replacement token in RSA Authentication Manager 8.x Number of Views Why do tokens disappear from RSA ACE/Server database when replacement token is activated? Number of Views Error: 'This token is a replacement for another token and cannot be exported.' Number of Views SCIM API for User Replacement Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
