Skip to main content

User Tokens General Information & Management

The Tokens tab is part of user token management which is a feature that allows an operator to manage tokens used as a second factor in authenticating a user's identity. There are a variety of token types that an operator can enrol on behalf of each user, from SMS or email tokens to hardware tokens in the form of cards or tokens.

Available actions for users with appropriate privileges:

Add a new token

image.png

Enroll a new token on behalf of a user.

View token detail

image.png

Display the page with all the details of the specific token.

Modify existing token

 image.png

Modify user comment (if allowed) or mobile phone number for SMS token or email address for Email token.

Test of token

image.png

Test the token to verify that it is working correctly.

Disable / enable token

image.png

Disable or enable token - disabled token can't be used for verification as a second factor.

Delete token

image.png

Permanently delete the token.

Reset token

image.png

Reset the HOTP type of token.

Status of the token:

ACTIVE

image.png

The token is active and ready to be used for user identity verification (in login or approval processes).

DISABLED

image.png

The token is disabled and cannot be used to authenticate the user's identity.

OBSOLETE

image.png

A token is out of date and it needs to be deleted and registered another one. For example, if it is an SMS or EMAIL token, it is possible to delete it and replace it with a so-called Virtual token, which works the same - based on sending an OTP to an email address or mobile phone.


Add new token

Enrollment of the tokens is slightly different from type to type. For detailed instructions visit the page for the specific token:

 

image.png

Press the ADD NEW TOKEN button on the TOKENS tab on the detail of the user and select the token type that can be registered on behalf of the operator:

Click on the links to see the details of the enrollment of specific tokens.

Token-type names are fully adjustable by the administrator, so they could be different from the used samples.


Display token detail

1

Open the User detail, and go to the Tokens tab.


2

Press the VIEW TOKEN button [image.png] within the chosen token and confirm the disable/enable action

 

image.png

3

The detail page contains information about:

  • Status - ACTIVE / DISABLED
  • Description
  • Device - in the case of SMS or Email tokens there is a mobile phone number or email address), otherwise this field contains the serial number of the HW token
  • Last used - the date of last usage of the token
  • Updated - date of the last update of the token
  • Expires - expiration date of the token (valid for physical tokens)

4

Context menu [image.png] also contains buttons for actions available for the token.


Edit token

1

Open the User detail, and go to the Tokens tab.

image.png

2

Press the EDIT button [image.png] within the chosen token from the context menu[image.png].

 

Not all token types allow editing - SMS or Email tokens (or Virtual tokens) allow to change the email address or mobile phone number. Other tokens allow to change the User comment if this value was entered during enrollment.

3

A new form with the parameters of the token will be opened.

4

Adjust the available parameters and press the SAVE button to save the changes.


Delete token

1

Open the User detail, and go to the Tokens tab.


2

Press the DELETE TOKEN button [image.png] within the chosen token and confirm the removal.

The user should normally have at least one active token to use as a second authentication factor. In cases where this is necessary, it is possible to remove or disable all of the user's tokens.

image.png

3

The token list will be displayed where the removed token won't be displayed.


Test token

1

Open the User detail, and go to the Tokens tab.

2

Press the TEST TOKEN button [image.png] within the chosen token from the context menu [image.png].

Not all token types allow the test action to be performed.

3

The application opens a new window for the test action of a specific token:

4

If everything is correct, you will see information about the successful test.

5

If the token test result is negative, you can do any of the following:

  • delete the token and enrol it again
  • reset the token - not all token types allow it (applies to HOTP type tokens)


Reset token

1

Open the User detail, and go to the Tokens tab.


2

Press the RESET TOKEN button [image.png] within the chosen token from the context menu [image.png].

Not all token types allow the reset action to be performed (mainly HOTP types of tokens).

image.png

3

The new window for entering the control OTPs.

4

Generate two one-time passwords (OTP) from the Authenticator app in your mobile device or a hardware key, enter them into the app and press the RESET button.

  • It is necessary to follow the order of entering both OTPs

5

If everything is correct, you will see information about the successful reset.


Disable/enable token

1

Open the User detail, and go to the Tokens tab.


2

Press the DISABLE TEMPORARILY button [image.png] within the chosen token from the context menu [image.png] and confirm the disable/enable action

The user should normally have at least one active token to use as a second authentication factor. In cases where this is necessary, it is possible to remove or disable all of the user's tokens.

image.png

3

The token will be disabled - the status will change to DISABLED - and it won't be possible to authorize by this token within the login or any other operation.

image.png
Back to top