The provisioning feature of Self-Service automates workflows for distributing authenticators and allows users to perform many of the provisioning tasks from the Self-Service Console. You can configure provisioning so that users can request, enable, and troubleshoot authenticators, as well as use emergency access. Provisioning includes predefined administrative roles that you can assign for managing authenticators, approving requests, and distributing authenticators.
Users can perform the following provisioning actions from the Self-Service Console:
Request new or additional tokens
Enable a token
Request the on-demand tokencode service
Request replacement tokens if tokens are lost, broken, temporarily unavailable, or about to expire
Request user group membership for access to protected resources