Replace a Token for a User
You can assign a replacement token to a user if a user’s token has been permanently lost or destroyed, or if the current token has expired. Replaced tokens are either unassigned or deleted from the deployment, depending on your configuration.
Instead of replacing an expired software token that was distributed in RSA Authentication Manager 8.2 or later, you can provide a new expiration date and avoid having to provision and distribute the token again. You cannot extend the expiration date if the token is already being replaced. For more information, see Extending Software Token Lifetimes.
The following options are available:
Replace a Token with the Next Available Token on the SecurID Token Page
Replace Tokens with Specific Tokens on the SecurID Token Page
Replace a Token with the Next Available Token on the Users Page
Replace a Token with the Next Available Token on the SecurID Token Page
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the token that you want to replace.
From the search results, click the token that you want to replace.
Click Replace with Next Available Token.
Replace Tokens with Specific Tokens on the SecurID Token Page
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the tokens that you want to replace.
Select the checkbox for the tokens that you want to replace.
From the Action menu, click Replace SecurID Tokens.
Click Go.
Click the checkbox next to the replacement tokens.
Click Next.
(Optional) Click the checkbox to require the assigned user to set up a new SecurID PIN for the replacement token.
Click Save & Finish.
Replace a Token with the Next Available Token on the Users Page
Procedure
In the Security Console, click Identity > Users > Manage Existing.
Use the search fields to find the user whose token you want to replace.
From the search results, click the user whose token you want to replace.
From the context menu, click SecurID Tokens.
Click the token that you want to replace.
From the context menu, select Replace with Next Available Token.
Deliver the replacement token to the user. The user may begin using the new token immediately.
Replace Specific Tokens in the User Dashboard
Procedure
In the Security Console, go to the Home page.
Use Quick Search to find the user.
Select the user whose token you want to replace.
Under Assigned SecurID Tokens, click the token you want to replace.
Click the arrow next to the Edit button and select Replace.
- Select a token from the list or search for a token in the search bar.
- Click Replace Token.
Related Concepts
Related Articles
Replace a Token for a User in the User Dashboard Number of Views Replace a Token with the Next Available Token Number of Views Delete a Token Number of Views How to replace an existing token in RSA Authentication Manager 8.x with a specific token in custom mode, and NOT with the … Number of Views Java exception error during restore of default console certificate on RSA Authentication Manager 8.2 and higher Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
