Enable High Availability Tokencode in the Cloud Authentication Service

When you enable High Availability Tokencode, SecurID app users are able to access protected resources with Authenticate Tokencode even if the Cloud Authentication Service is unavailable, because the Cloud Authentication Service makes Authenticate Tokencode records available to Authentication Manager version 8.5 and later. Your Cloud Authentication Service deployment must be connected to Authentication Manager to take advantage of this feature.

Note: SecurID 700 token records are always available for Authentication Manager deployments that support high availability, SecurID 700 tokens, and are connected to the Cloud as described in Connect RSA Authentication Manager to the Cloud Authentication Service, regardless of whether this option is enabled.

Enabling this feature has the following impact when an app user tries to access a resource with Authenticate Tokencode and Authentication Manager is unable to contact the Cloud Authentication Service:

  • The user is prompted to enter an Authenticate OTP.

  • The tokencode is evaluated by Authentication Manager rather than by the Cloud Authentication Service.

If you disable this feature, Authentication Manager no longer downloads records for Authenticate OTP. For more information, see High Availability Tokencodes.

Before you begin

You must be a Super Admin for the Cloud Authentication Service.


  1. In the Cloud Administration Console, click Platform > Authentication Manager.

  2. In the High Availability Token field, click Enable.

  3. Click Publish Changes to apply the configured settings.