RSA SecurID Authenticator 6.0 and 6.1 for Windows fails to import aCT-KIP URL
Originally Published: 2024-08-29
Article Number
Applies To
RSA Product/Service Type: Authentication Manager, SecurID Authenticator 6.0, 6.1 for Microsoft Windows
Issue
- When importing the RSA SecurID tokens via CT-KIP URL through an email, the link is not recognized.
- The Submit button in the RSA SecurID Authenticator application is greyed out and unclickable. The token cannot be imported.
Cause
https://<Your_AM_Server_FQDN>:7004/ctkip/services/CtkipService or http://<Your_AM_Server_FQDN>:7004/ctkip/services/CtkipService
However, the RSA SecurID Authenticator for Windows 6.0 and 6.1 accepts only the auto launch URL that starts with the string securidauthenticator, as shown:
securidauthenticator://ctkip?scheme=https&url=<Your_AM_Server_FQDN>:7004/ctkip/services/CtkipService
Resolution
RSA SecurID Authenticator 6.2 and later releases of the Authenticator Application for Microsoft Windows have a fix to the issue so that it successfully imports the CT-KIP URL that was distributed using the legacy Desktop PC 4.x device type Software Token Profile
Workaround
- Download the SecurID Authenticator 6.0.1 Microsoft Windows Device Definition File.
- Extract the contents of the file.
- In the Security Console, navigate to Authentication > Software Token Profiles > Add New.
- Enter the Profile Name and click Import Device Definition File.
- Import the Desktop-Windows-SecurID-Authenticator-swtd.xml from the extracted file in step 2.
- Click Save.
- Now when distributing a token using the new Software Token Profile via CT-KIP URL, the URL will be in the format accepted by SecurID Authenticator 6.0 and 6.1 for Windows, and that the SecurID token will be imported successfully.
Notes
Related Articles
Is RSA AA compliant with Federal Act 508 Number of Views How to query a public database schema table for Segregation of Duties (SOD) violations in RSA Identity Governance & Lifecycle Number of Views In RSA Identity Governance & Lifecycle, a SQL exception error in the UI is encountered when saving Delay node on a Workflow Number of Views How to change RSA SecurID token policies to require 6-character or 8 character PINs Number of Views How to enable logging in to the Cloud Admin Console with the IDR acting as the Third-Party Identity Provider (IdP) Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
