Assign a Replacement Token
You can assign a replacement token to a user if a user’s token has been permanently lost or destroyed, or if the current token has expired.
Instead of replacing an expired software token that was distributed in RSA Authentication Manager 8.2 or later, you can provide a new expiration date and avoid having to provision and distribute the token again. You cannot extend the expiration date if the token is already being replaced. For more information, see Extending Software Token Lifetimes.
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the token that you want to replace.
From the search results, click the token that you want to replace.
Click Replace with Next Available Token.
Related Concepts
Related Articles
How to transfer an existing RSA SecurID token PIN to a replacement token in RSA Authentication Manager 8.x Number of Views Identities with replacement characters showing block instead of characters in RSA Identity Governance & Lifecycle Number of Views Why do tokens disappear from RSA ACE/Server database when replacement token is activated? Number of Views Error: '** FIND FIRST/LAST failed for table replace-token-buffer.(565)' when unassigning replacement token and 'this token… Number of Views RSA Authentication Manager 8.x import of replacement certificate fails with the error This certificate is already imported Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process Downloading RSA Authentication Manager license files or RSA Software token seed records When configuring LDAP or LDAPS in RSA Authentication Manager with a global catalog the connection fails
