Define Custom Attributes to Send Transaction-Specific Data During On-Demand Authentication
You can define custom attributes to send users transaction-specific data during on-demand authentication. This feature only supports REST-based authentication to RSA Authentication Manager.
After you define custom attributes for the clients that you developed with the SecurID Authentication API, you can provide these custom attributes in the on-demand tokencode message users receive.
For example, your users could receive a custom message that replaces the following variables with values:
To confirm that you want to <BUY or SELL> <number> shares
of <stock symbol>, please enter the tokencode:
Users would enter a tokencode to confirm the transaction.
Before you begin
Use the SecurID Authentication API to define custom attributes for your REST-based, multifactor authentication clients. Your clients can use the existing SessionAttribute parameter to provide attributes during the Initialize interface.
During authentication, the initialization payload should contain the session attributes name and corresponding value. See the following example:
{
"authnAttemptTimeout": 180,
"clientId": "rest-007",
"subjectName": "adUsr",
"lang": "us_EN",
"sessionAttributes": [
{
"dataType": "STRING", "name": "DemoAttribute1", "value": "Demo Attribute1_value" }
,
{ "dataType": "STRING", "name": "DemoAttribute2", "value": "Demo Attribute2_value" }
],
"subjectCredentials": [],
"context":
{ "messageId": "test" }
}
For more information, see the SecurID Authentication API Developer's Guide.
Procedure
In the Security Console, click Setup > System Settings.
Click On-Demand Tokencode Delivery.
On the Tokencode Settings tab, specify the on-demand tokencode message text that users receive and the message lifetime.
Use the following syntax for your custom attributes:
$S.<Custom Session Attribute name>
Note: Do not remove $OTT from the message template. This variable is replaced with the tokencode in the actual message.
Click Save.
Related Tasks
Related Articles
Custom State button is not displayed in a Review in RSA Governance & Lifecycle Number of Views RSA Authentication Manager 8.6 Patch 3 Readme Number of Views RSA Governance & Lifecycle Recipes: Extending Objects in the AVUSER Schema with Custom Attributes Number of Views RSA Authentication Manager 8.7 SP1 Azure Virtual Appliance Getting Started Number of Views "Invalid column index" error in RSA Identity Governance and Lifecycle review "Total Entitlements not in Review" Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
