RSA AA Device ID generation
We are using RSA AA 7.3 P1 and have a below question.
When does RSA generate a new device ID. Is there a rule which can explain it. I have seen some instances where device ID do not change but user will still getting a 'CHALLENGE' response.
- Adaptive Auth
- Adaptive Authentication
- Community Thread
- Forum Thread
- RSA Adaptive Authentication
General information about Device Information Collection is given in the RSA Adaptive Authentication (On Premise) 7.3 Integration Guide, chapter 4, page 15 onwards.
All device information, including the specific field called the deviceIdentifier , is collected on the device itself by the client application running on the device, and is sent to RSA Adaptive Authentication.
- On a PC or laptop, the client application is normally a web browser, so the logic to collect device information is embedded in the pages that the user is viewing with their browser.
- On a mobile device, if the user is using a web browser on that device, the same applies.
- On a mobile device, if the user is running a mobile application that authenticates via RSA Adaptive Authentication, that mobile application is the client application. In that case, the RSA Mobile SDK will be called by the mobile application to collect the device information.
In all cases, the device information is sent from the client application on the device, to the web application running on the web server. The web application should then include the device information in requests sent to RSA Adaptive Authentication. See the Adaptive Authentication (On Premise) 7.3 API Reference Guide for correct handling of device information sent to RSA Adaptive Authentication.
If you suspect an error with any device information, then check that:
- The mobile client application or web pages and web application (as applicable) are collecting and processing the device information correctly.
- The device information is included correctly in requests sent by the web application to RSA Adaptive Authentication.
You can monitor device information sent to RSA Adaptive Authentication, by turning on logging of SOAP requests and responses. Do this only temporarily, and preferably not in production, as it generates a lot of data into the logs on a busy system. For more information about SOAP logging, see the Adaptive Authentication (On Premise) 7.3 Operations Guide.