Event-based Flex Token
SAE version 2.3 now support event-based tokens in addition to the traditional time-based SecurID tokens.
The acceptable range of event-based tokencodes is variable.
The "window" or range of valid authentication codes varies depending on the state of the token and values in the token's seed record. For example seed records often contain the following windowing parameters:
Small Window: 3
Medium Window: 7
Large Window: 100
Max Counter: 50000
SAE authenticates codes found inside the ?Accept Window? and rejects values outside the ?Reject Window?. Codes that fall between the accept and reject windows (where accept != reject) causes next tokencode mode.
State Accept Window Reject Window
-------- ---------------------- ---------------------
1st login Large-1 Large-1
Normal small medium
Waiting for PIN small medium
Next Tokencode Mode 2 2
Resynch (1st) max counter max counter
Resynch (2nd) 2 2
Related Articles
After upgrading to 8.0.0, migrated AFX Connectors show as "Not Deployed" in RSA Governance & Lifecycle Number of Views LDAP search error - [LDAPsearch] referral received Number of Views Steps to change the internal subnets in RSA Authentication Manager used for an embedded RSA Identity Router Number of Views What is the Return Merchandise Authorization (RMA) process for SID800 tokens? Number of Views AFX Server on Windows fails to stop/start after initial successful start in RSA Governance & Lifecycle Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
