Hello @SamWalker (Customer)​ CAS do not have Fixed passcodes like Authentication Manager that "never expires". However the maximum lifetime for Emergency access token on CAS is 7 Days. Currently, there is no provision to extend the timeframe further due to security considerations.

1. If you have an AM -> CAS Hybrid connection configured, you can assign a fixed passcode to the BOT on AM and use it for authentication to cloud-protected resources, provided that the application is assigned a policy that incorporates the "SECURID OTP" authentication method.

2. Consider integrating the API to create an Emergency tokencode. Additionally, automate your system to refresh the Emergency access Tokencode every 7 days by utilizing Cloud API for Emergency Tokencode programatically .

Cloud Administration Enable Emergency Tokencode API Version 2

https://community.rsa.com/s/article/Cloud-Administration-Enable-Emergency-Tokencode-API-Version-2-afcc433e