Assign a Replacement Token
You can assign a replacement token to a user if a user’s token has been permanently lost or destroyed, or if the current token has expired.
Instead of replacing an expired software token that was distributed in RSA Authentication Manager 8.2 or later, you can provide a new expiration date and avoid having to provision and distribute the token again. You cannot extend the expiration date if the token is already being replaced. For more information, see Extending Software Token Lifetimes.
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the token that you want to replace.
From the search results, click the token that you want to replace.
Click Replace with Next Available Token.
Related Concepts
Related Articles
Identities with replacement characters showing block instead of characters in RSA Identity Governance & Lifecycle Number of Views How to transfer an existing RSA SecurID token PIN to a replacement token in RSA Authentication Manager 8.x Number of Views Why do tokens disappear from RSA ACE/Server database when replacement token is activated? Number of Views Error: '** FIND FIRST/LAST failed for table replace-token-buffer.(565)' when unassigning replacement token and 'this token… Number of Views SCIM API for User Replacement Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
