Configure Authenticators for Self-Service Users

Users can request authenticators and emergency access through the Self-Service Console. You can manage the types of authenticators available and configure the settings for emergency access tokencodes.

Before you begin

Add a Software Token Profile. Only a Super Admin can add software token profiles.

Procedure

  1. In the Security Console, go to Setup > Self-Service Settings.

  2. Under Provisioning, click Manage Authenticators, and do the following, as needed:

    • Under Hardware Token Types Available for Request, select one or more types and define the settings for each type. For detailed instructions, see Select Hardware Tokens for Provisioning.

    • Under Software Token Profiles Available for Request, select one or more software token profiles and define the settings for each type. For detailed instructions, see Select Software Tokens for Provisioning.

    • Under On-Demand Authentication Settings, select Allow users to request the on-demand tokencode service, and define the settings. For detailed instructions, see Select On-Demand Authentication for Provisioning.

    • Under Token File Password Settings, select The user needs to provide the password, to protect the token file, and select a file format.

  3. (Optional.) Configure emergency access settings. For detailed instructions, see Configure Emergency Access for Provisioning.

    • Under Emergency Access Tokencode Settings, define the settings.

    • Under Emergency Access Tokencode Settings for Permanently Lost or Broken Tokens, define the settings.

    • Under Emergency Access Tokencode Settings for Temporarily Unavailable Tokens, define the settings.

    • Under Expiring Token Parameters, enter the number of days in advance of expiration that a user can request a replacement token.

  4. Click Save.