Assign and Distribute a Software Token to a User Using Dynamic Seed Provisioning in the User Dashboard

Before a user can use a software token to authenticate, you must assign and distribute the token to the user. You can assign up to three hardware or software tokens to a single user. Tokens that are managed in the Cloud Authentication Service do not count towards the three token limit.

Authentication Manager provides dynamic seed provisioning, which uses the Cryptographic Token Key Initialization Protocol (CT-KIP) to generate token data without the need for a token file. After you complete the provisioning steps, Authentication Manager displays the URL link of the CT-KIP server and the token activation code. You need these two pieces of information in order to deliver the token to a device as a URL.

Before you begin

Confirm the following:

  • Software tokens have been imported.
  • Software token profiles have been added.


  1. In the Security Console, go to the Home page.

  2. Use Quick Search to find the user.

  3. Select the user to whom you want to assign a token.

  4. Under Assigned SecurID Tokens, click Assign More Tokens > Assign Software Tokens.

  1. Select a token from the list or search for a token in the search bar.
  1. Click Assign Token(s).
  2. From the Select Token Profile drop-down list, select a software token profile with dynamic seed provisioning as the delivery method.

After you finish

Use dynamic seed provisioning to deploy a software token on a user's device. For instructions, seeDistribute One Software Token Using Dynamic Seed Provisioning.

Related Concepts

SecurID Tokens