How I can reuse user who was previously assigned token to be alias?
The description you gave is not enough to know exactly the issue you have, so I will make a guess.
There could be more details
but a simple way to do it (if I am guessing correctly on what you are asking)...
scenario. A real user named X, and real user named Y. Both have a token.
You want to unassign the token from Y, and let Y login with X token.
-old user Y no longer has a token
-user X has a token will also have an alias Y...[X and Y are going to have same token essentially]
a) create a new group in the internal database
b) take your user, say X, you want an alias for, and make a member of that group
c) go to that user X authentication settings, and assign an alias Y to the user based on that group
d) pick an agent and enable login aliases for that group
e) Now when either X, or Y logs into that agent, it will be known as real user X logging in with X token,
and will require the token X has and the pin that token has to succeed.
If Y (old user with no token) is still a user listed in the database, logins may not always work in all circumstances, as (depending on the scenario), the system may see user Y logging in, and will not associate that Y name with user X, so it may fail for Y saying no authenticator assigned to Y...but if the system can figure it out it, for specific agents, it will know Y login name is really X.
Retrieving data ...