SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
New Contributor
New Contributor

RSA Authentication Manager - Admin functions through code?

Hello, we have RSA Authentication Manager 8.2 SP1 installed. Available documentation states some basic calls to use with REST API (RSA SecurID Authentication API Developer's Guide). But, administrative calls, such as unlocking tokens or resetting token pins, are not covered here. 


Is there another REST API solution to use to perform these admin functions (through code)? (Our RSA servers are housed in-premise).


Thank you.

Labels (1)
2 Replies
Apprised Contributor Apprised Contributor
Apprised Contributor

In RSA SecurID-speak, an agent is a resource (Windows, VPN, Linux-PAM, Web Server) that you want to protect with Two-factor (PIN+TokenCode) authentication from your Authentication Manger Server v. 8.2 SP1 patch-n server. An agent could also be one of the resources listed above or a Cloud Based application like SalesForce that you want to protect with Multi-factor Authentication (Click to approve on your mobile phone, Biometric or 2FA passcodes) from your Cloud based SecurID Access Manager Service ( aka CAS - uses Identity Router, IDR and which can be integrated with Authentication Manager).


ReST is an agent API.  You could write your own ReST agent to protect something not covered by an AM agent.

Many RSA agents use the ReST protocol to authenticate.  Support for ReST agents began with your version AM 8.2 SP1 several years ago.  Updates to newer versions of AM 8.x are provided to you through your support maintenance contract.


Logging into the Security Console on your Authentication Manger Server v. 8.2 SP1 server (TCP port 7004) is for Administration of Users, Tokens and Agents.  There is a separate Admin API if you want to write you own custom Admin portal, or use something like AM Prime to build your own Help Desk Admin Portal, HDAP or Self Service Portal, SSP (different from and more customizable than the Self Service Console, SSC of AM 8.2 SP1 on TCP port 7004). 


You can search RSA Link for topics like   "Admin API"  or look at the various API guides in our documentation.

RSA Authentication Manager Previous Versions 

AM Bulk Administration is called AMBA, and is a simpler way to use the Admin API to submit a job with a list of Users and Token Serial numbers (or just next available token) to do AM Administrative tasks in bulk, quickly. 



Jay, I would like to arrange a quick call with you (30 minutes) early next week. Just you and me to understand some ways to approach this. Could you please provide me some dates and time slots (I work US Central Timezone)?



Shomo Das

Lead Software Development Engineer

Mastercard | mobile 314.269.3834