Configure Shipping Addresses for Hardware Authenticators

When you configure provisioning, you can configure a shipping address where hardware authenticators are sent for each user. Each user can have a separate shipping address. The shipping address appears on the user profile.

If you store shipping data in the internal database, the user must enter a shipping address for each request for an authenticator that requires a distribution step.

If you use a directory server as the identity source, you can map the shipping address to existing identity attributes. The identity source automatically fills in the address information for the user. The user can view the shipping address, but cannot modify it.

Any changes made to the shipping address are only for the current authenticator request. Changes to the shipping address do not change the user’s record in the identity source.


  1. In the Security Console, click Setup > Self-Service Settings.

  2. Under Provisioning, click Set Shipping Addresses.

  3. (Optional) Under Shipping Address Mapping and Display Options, specify if you want the fields in the shipping address to be Required, Optional, Read-only, or Hidden.

  4. (Optional) For each of the options, do one of the following:

    • If you store data in the internal database, under Map to, select Unmapped.

    • To use information from an identity source for the shipping address, under Map To, select one of the available identity attributes.

  5. Click Save.

Related References

Self-Service Settings