Select Hardware Tokens for Provisioning
Hardware tokens are handheld devices, such as key fobs, that display pseudorandom tokencodes. Before a user can request a hardware token through the Self-Service Console, you must select this type of authenticator for user requests.
Note: These settings apply only to hardware tokens requested through Self-Service.
Procedure
In the Security Console, click Setup > Self-Service Settings
Under Provisioning, click Manage Authenticators.
Under Hardware Token Types Available for Request, find the types of hardware tokens you want to make available for user requests, and click the associated checkbox.
For each hardware token you select, do the following:
In the Display Name field, enter a descriptive name for the token. This name displays in the Self-Service Console.
(Optional) In the Image Location field, enter the directory path and filename of an image file that shows the token.
In the Description field, enter a description of the token. This description displays in the Self-Service Console.
For Authentication Type, select one of the following:
Passcode - A code entered by a user to authenticate. The passcode is a combination of a PIN and a tokencode.
Tokencode only - A random number displayed on the front of a user's RSA SecurID token. Tokencodes change at a specified time interval, typically every 60 seconds.
Note: This setting only applies to hardware tokens requested through Self-Service.
To allow users to use the RSA SecurID 800 Authenticator with RSA Smart Card Middleware, do the following:
Select SID800 and complete step 4.
For Require Remote Seeding, select this option for dynamic seed provisioning.
In the RSA Smart Card Middleware URL field, enter the URL of the Smart Card Middleware software for users to download. This URL displays in the Self-Service Console.
In the Smart Card Middleware Instructions field, enter instructions and the version of the Smart Card Middleware. These instructions and the version of the Smart Card Middleware appear in the Self-Service Console.
In the Smart Card Middleware Update URL field, enter the URL of the Smart Card Middleware update for users to download. This URL appears in the Self-Service Console.
In the Smart Card Middleware Update Instructions field, enter instructions and the version of the Smart Card Middleware update. These instructions and the version appear in the Self-Service Console.
In the Certificate Authority URL field, enter the URL of the certificate authority web site where users can obtain digital certificates. This URL appears in the Self-Service Console.
(Optional) To make this token the default token type for all token requests, select Make this the default option for hardware token requests.
Under Expiring Token Parameters, enter the number of days before a token expires that users can request a replacement token.
Click Save.
Related Concepts
Related Articles
How to change PIN length for hardware tokens on cloud Number of Views Where are RSA SecurID hardware tokens manufactured? Number of Views What does the small 3 above the blinking diamond on the RSA SecurID hardware token display indicate? Number of Views CyberArk Authentication fails when using hardware tokens Number of Views Assign Hardware Tokens to Multiple Users Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
