How to synchronize user accounts that do not have an email address to the SecurID Access Cloud Authentication Service
Originally Published: 2022-05-04
Article Number
Applies To
RSA Product/Service Type: Cloud Authentication Service
Issue
Resolution
- Option 1: If users who are currently synced to the Cloud Authentication Service from the identity source have the SAME value for their mail and userPrincipalName attributes, then the mapping of Email Address in the identity source configuration in the Cloud Administration Console can be changed from mail to userPrincipalName. This change would make it so users that are already synced are not affected (assuming their userPrincipalName is the same as their mail) and also allow users who do not have mail defined to be synced based on their userPrincipalName.
- Option 2: If users who are currently synced to the Cloud Authentication Service from the identity source have a DIFFERENT value for their mail and userPrincipalName attributes, then an additional identity source can be added to the Cloud Authentication Service specifically for the users who do not have the mail attribute defined. In the new identity source's configuration, the Email Address field can be mapped to userPrincipalName.
Important: When adding and configuring the new identity source, it is importing to configure it so that users that are currently synced to any other identity source(s) configured with the Cloud Authentication Service will not end up being synced to this new identity source.
- Option 3: Define the mail attribute for the users in the identity source that do not currently have it defined but that need to be synced to the Cloud Authentication Service (the email addresses set in the mail attribute do not need to be "real" email addresses.)
Related Articles
Create list of users who have not logged into RSA Authentication Manager 8.x for a specific period of days Number of Views RSA Cloud Authentication Service Identity Source Synchronization reports user accounts with Duplicate Email Address Number of Views Authentication Manager 8.5 P5 connection to Cloud Authentication Service gets “permitted only authenticators you have purc… Number of Views How to update an Active Directory Account Attribute to have no value <not set> using an Active Directory AFX Connector in … Number of Views Cloning AFX connectors creates duplicate connectors if connector names have been modified in RSA Identity Governance & Lif… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
