Cloud Administration Authenticator Details API Version 2
The Cloud Administration Authenticator Details API (Version 2) enables Help Desk Administrators to retrieve a list of authenticators for a user, including the SecurID700 hardware tokens and SecurID DS100 OTP and FIDO credentials, by providing a user ID.
Note: The API
can retrieve a list of user authenticators for a single user per request.
For information about managing access to this API, see Accessing the Cloud Administration APIs.
Authentication
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration REST APIs.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Request Requirements
Use the following information to retrieve information about a particular user's authenticator.
| Method | Request URL | Response Content Type | Response Body | Response Codes |
|---|---|---|---|---|
| GET | /AdminInterface/restapi/v2/users/ <userId>/devices | application/json | User authenticator details with property | 200, 400, 403, 404, 429, 500 |
Resource Identifier
| Resource ID | Description | Type |
|---|---|---|
| <userId> | Unique user identifier that is sent in response to the Cloud Administration User Details API. | Boolean |
Request Parameter
The authenticator details API allows the following parameter:
| Request Parameter | Description | Type |
|---|---|---|
| <includeBrowsers> | Set to True to include the browser authenticator type, or False to exclude the browser authenticator type. When you omit this identifier, the browser authenticator type is excluded. | Boolean |
Example Request Data
The following example displays a request to retrieve all authenticator types other than the browser authenticator type.
GET /AdminInterface/restapi/v2/users/<userId>/devices
Accept: application/json
Authorization: Bearer <JWT token>
The resource identifier <userId> is a unique user identifier that is sent in the response to the Cloud Administration User Details API.
Example Response
The following example response shows the status of all authenticators for a single user.
GET /AdminInterface/restapi/v2/users/<userId>/devices
{
"devices":[
{
"id":"21",
"name":"vstt1lft-24@via.comdevicenamebvg",
"userId":"d936a1a4-d797-4c45-9ed4-acc877241a1c",
"deviceType":"iOS 8.1.2",
"registeredDate":"2021-06-02T20:55:45.562Z",
"capabilities":"FCAM,BCAM,ACC,FINGERPRINT",
"browser":false
},
{
"id": "194",
"name": "Chrome_94.0.4606.61_1660878496964",
"userId": "702fca94-fa11-e86c-26f7-e49505051e48",
"deviceType": "Chrome 94.0.4606.61",
"registeredDate": "2022-08-19T03:08:58.754Z",
"capabilities": null,
"browser": true
}
],
"sidTokens":[
{
"id":"2f8f4221-fc8a-46f6-b08f-73b9ee2b96f6",
"name":"OomqI",
"userId":"d936a1a4-d797-4c45-9ed4-acc877241a1c",
"deviceType":"RSA SecurID 700",
"registeredDate":"2021-06-02T20:58:51.501Z",
"tokenSerialNumber":"000000200005",
"updatedAt":"2021-06-02T20:58:51.503Z",
"tokenState":"Activated",
"expiryDate":"2027-02-12T00:00:00.000Z",
"tokenStatus":"Enabled",
"assignedAt":"2021-06-02T20:58:51.501Z",
"assignedBy":"vstt1lft-24@via.com",
"pinSet":true,
"tokenStatusChangedAt":null,
"tokenStatusChangedBy":null
},
{
"id": "d4f8b2e7-f6e4-e102-bb28-ee0b5d37c2f2",
"name": "user’s SecurID DS100",
"userId": "26c1e3d6-b31c-803e-cf7f-bdbe7687a72b",
"deviceType": "SecurID DS100",
"registeredDate": "2022-06-08T07:58:13.432Z",
"tokenSerialNumber": "014010008035",
"updatedAt": "2022-06-08T09:47:50.496Z",
"tokenState": "Activated",
"expiryDate": null,
"tokenStatus": "Enabled",
"tokenStatusReason": null,
"assignedAt": "2022-06-08T07:58:13.432Z",
"assignedBy": user.one@mycompany.com,
"pinSet": true,
"tokenStatusChangedAt": " null",
"tokenStatusChangedBy": " null",
"deviceSerialNumber": "140100080"
}
],
"fidoTokens":[
{
"id":"8wioDlecm5DRYitXCOyfQFlEnrJMTv_UcBPeMMKPLy3_r5RB5Qp77pmMVuO9aKHVl301LbAaVOcv6uXyyDL3w",
"name":"vstt1lft-24@via.com_FidoToken",
"userId":"d936a1a4-d797-4c45-9ed4-acc877241a1c",
"deviceType":"FIDO Token",
"registeredDate":"2021-06-02T20:57:46.000Z"
"status":"Enabled"
}
]
}
Response Property Descriptions
The following table shows response property descriptions and data types.
| Property | Description | Data Type |
|---|---|---|
| id | Identifies the authenticator. | String |
| name | Name of the authenticator. | String |
| userId | Identifies the user associated with this authenticator. | String |
| deviceType | Device type information related to the authenticator or browser. | String |
registeredDate registeredDate (for FIDO authenticator) | Timestamp when the authenticator was registered. For information about formatting timestamps in ISO 8601 format, see https://www.w3.org/TR/NOTE-datetime. Timestamp when the FIDO authenticator was registered. | String |
| capabilities (for devices other than sidToken or FIDO Token) | The capability of the device, for example Fingerprint. | String |
| browser | This value tells the system whether the user is using a browser authenticator or not. Values: true - A browser is being used, or false - No browser is being used. | String |
| The Following Properties are for Hardware Tokens Only | ||
| tokenSerialNumber | Serial number osf the hardware token. | String |
| deviceSerialNumber | The serial number of the SecurID DS100 hardware authenticator. The number is displayed on the back of the authenticator. | String |
| updatedAt | Last updated timestamp of the hardware token. For information on formatting timestamps in ISO 8601 format, see https://www.w3.org/TR/NOTE-datetime. | String |
| tokenState | State of the hardware token: Unassigned, Activation Pending, or Activated. | String |
| expiryDate | Hardware token expiration date. For information on formatting timestamps in ISO 8601 format, see https://www.w3.org/TR/NOTE-datetime. | String |
| tokenStatus | Status of the hardware token: Enabled or Disabled. | String |
| assignedAt | The timestamp when the administrator has assigned the hardware token to the user, or when the user registered a token that was not pre-assigned. For information on formatting timestamps in ISO 8601 format, see https://www.w3.org/TR/NOTE-datetime. | String |
| assignedBy | Identifies the user who registered the hardware token or the administrator who assigned the hardware token to a user. | String |
| pinSet | Flag that tells the system whether the user has set a PIN or not for the hardware token. Values: True - PIN is set and False - PIN is not set. | String |
| tokenStatusChangedAt | The timestamp when the hardware token was enabled or disabled. For information on formatting timestamps in ISO 8601 format, see https://www.w3.org/TR/NOTE-datetime. | String |
| tokenStatusChangedBy | Identifies the administrator who enabled or disabled the hardware token. | String |
| status | Status of the FIDO authenticator: Enabled or Disabled | String |
Response Codes
The following table shows response codes and descriptions for this API.
| Code | Description |
|---|---|
| 200 | User and authenticator are successfully found. |
| 400 | User ID is not provided as a request identifier. |
| 403 | User is not authorized to perform the request. |
| 404 | User is not found. |
| 429 | Too many requests. |
| 500 | Internal error occurred while processing the request. |
Related Articles
RSA Identity Governance and Lifecycle - 702 Migration fails with 'ORA-02260: table can have only one primary key' Number of Views RSA Governance & Lifecycle Recipes: Risk Analytics Dashboard Number of Views Migration of ACM-69142.sql hangs when installing a patch on RSA Identity Governance & Lifecycle 7.1.1 Number of Views How to view workflow variable values during workflow execution in RSA Identity Governance & Lifecycle Number of Views Migration from 7.0.1 to 7.0.2 fails with error PLS-00323: subprogram or cursor 'PROCESS_ACTIVE_USER_ACC_MAPS' is declared … Number of Views
Trending Articles
An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process
