This question is about distribution of the software token XML file. The IT team send email containing the XML file for software tokens via SDTID (XML) format. Can the employee forward this email to multiple mobiles devices with RSA token client app installed and then do the import using this XML file on multiple mobile devices? or is this file for single use only? Thanks
Yes.
It needs to be the same .sdtid file, you cannot distribute it twice as that would break the first one. So distribute .sdtid file only once, and with a token profile that would work on both devices. Essentially this is the same token, which would generate the same token codes at the same time on both devices. Typical use case is the same .sdtid file imported on the same user's phone and their desktop token apps. Either device can be used to authenticate against a single realm (primary and its replicas). You could encounter problems if the time on both devices is not consistently accurate, like within 15-20 seconds or less of each other all the time, so that they each show the same exact token code for at least 40 seconds.