Assign a Replacement Token
You can assign a replacement token to a user if a user’s token has been permanently lost or destroyed, or if the current token has expired.
Instead of replacing an expired software token that was distributed in RSA Authentication Manager 8.2 or later, you can provide a new expiration date and avoid having to provision and distribute the token again. You cannot extend the expiration date if the token is already being replaced. For more information, see Extending Software Token Lifetimes.
Procedure
In the Security Console, click Authentication > SecurID Tokens > Manage Existing.
Use the search fields to find the token that you want to replace.
From the search results, click the token that you want to replace.
Click Replace with Next Available Token.
Related Concepts
Related Articles
How to transfer an existing RSA SecurID token PIN to a replacement token in RSA Authentication Manager 8.x Number of Views SCIM API for User Replacement Number of Views Identities with replacement characters showing block instead of characters in RSA Identity Governance & Lifecycle Number of Views Error: '** FIND FIRST/LAST failed for table replace-token-buffer.(565)' when unassigning replacement token and 'this token… Number of Views Why do tokens disappear from RSA ACE/Server database when replacement token is activated? Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
