You can generate a Hash-based Message Authentication Code (HMAC) that you can use to encrypt authentication requests between authentication agents and the RSA SecurID Authentication API. The HMAC provides a hash for the request body and an HMAC signature.
Use this procedure if your authentication agents use both the RSA SecurID Authentication API Access ID and Access Key. Use the default method for authentication agents that only use the Access Key.
Before you begin
You must access the appliance operating system with a secure shell (SSH) client. You can also access the operating system on a virtual appliance with the VMware vSphere Client, the Hyper-V Virtual Machine Manager Console, or the Hyper-V Manager.
Log on to the appliance with the user name rsaadmin and the operating system password.
To use an HMAC for authentication, type:
./rsautil store –a update_config auth_manager.rest_service.authorization.mode 1 GLOBAL 501
To return to the default mode that uses only the RSA SecurID Authentication API Access Key, type:
./rsautil store –a update_config auth_manager.rest_service.authorization.mode 0 GLOBAL 501
Generate the signature:
Generate the hash for the request body. The hashed body content is generated with SHA-512.
Generate the HMAC signature for the string. The algorithm used for generating the signature is HmacSHA256 and the encoding is Base64.