Add a new token

Register the new token.

Edit existing token

Modify user comment (if allowed) or mobile phone number for SMS token or email address for Email token.

Delete token

Permanently delete a token.

Test of token

Test a token to verify that it is working correctly.

Reset token

Reset of a non-synchronous token.

Disable temporarily / enable token

Disable or enable token - disabled token can't be used for verification as a second factor.

Display token detail

[click on the row]

Display the page with all the details of the specific token.

ACTIVE

The token is active and ready to be used for user identity verification (in login or approval processes).

DISABLED

The token is disabled and cannot be used to authenticate the user's identity.

OBSOLETE

A token is out of date and it needs to be deleted and registered another one. For example, if it is an SMS or EMAIL token, it is possible to delete it and replace it with a so-called Virtual token, which works the same - based on sending an OTP to an email address or mobile phone.

Enrollment of the tokens is slightly different from type to type. For detailed instructions visit the page for the specific token:

• SMS token
• Email token
• Virtual token (combination of SMS or Email token type - see above)
• MS Authenticator token (mostly TOTP (Time-based One-time Password) type of token)
• Google Authenticator token (mostly HOTP (HMAC-Based One-Time Password) type of token)
• Physical TOTP token
• Physical HOTP token
• MAYI ID Token (password-less type of token using application MAYI ID - OTP)
• Passkey token

Click on the links to see the details of the enrollment of specific tokens.

Token-type names are fully adjustable by the administrator, so they could be different from the used samples.

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Press the EDIT button [  ] within the chosen token from the context menu [  ].

• Not all token types allow editing - SMS or Email tokens (or Virtual tokens) allow to change the email address or mobile phone number. Other tokens allow to change the Description if this value was entered during enrollment.

3

A new form with the parameters of the token will be opened.

4

Adjust the available parameters and press the SAVE button to save the changes.

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Press the DELETE button [  ] within the chosen token from the context menu [  ] and confirm the removal.

• Note: a user must always have at least one token in an active state, which means they cannot delete all their tokens.

• Note: in case the token operations are set as approvable actions, then the approval process will be started at this point.

3

If the deletion is possible (and possibly approved) the token is removed from the list of tokens.

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Press the TEST button [  ] within the chosen token from the context menu [  ].

3

The application opens a new page for the test of the token. All tokens have their own test procedures:

• SMS, Email or Virtual token
• HOTP/TOTP tokens
• HW HOTP/TOTP tokens
• MAYI ID - OTP
• Passkey token

5

If everything is correct, you will see information about the successful test.

6

If the token test result is negative, you can do any of the following:

• delete the token and enrol it again
• reset the token - not all token types allow it (applies to HOTP type tokens)
• contact support if the token is, for example, a HW token

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Press the RESET button [  ] within the chosen token from the context menu [  ].

Note: not all token types allow the reset action to be performed (mainly HOTP types of tokens).

3

The token reset form will be opened.

4

Generate two consecutive one-time passwords (OTP) from Google authenticator or a HW token key, enter them into the form and press the RESET button.

It is necessary to follow the order of entering both OTPs

5

If everything is correct, you will see information about the successful reset.

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Press the DISABLE TEMPORARILY button [  ] within the chosen token from the context menu [  ] and confirm the disable/enable action

Note: a user must always have at least one token in an active state, which means they cannot disable all their tokens.

3

The token will be disabled - the status will change to DISABLED - and it won't be possible to authorize this token within the logging or any other operation.

1

Open the Selfservice, go to the Account section and open the Tokens tab.

2

Select the desired token and mouse-click on the selected row.

4

the drawer with the details of the token will be opened:

• Status - status of the token (ACTIVE / DISABLED)
• Description - user description of the token - optional
• Device - in the case of HW tokens where the device identification is part of the parameters of the token
• Last used - date of last usage of the token (for authentication)
• Updated - date of last update of the token
• Expires - in the case of tokens where the expiration date is part of the parameters of the token

5

The drawer also contains buttons for operations available for the token:

• in the context menu on the title of the drawer [  ].
• EDIT button to modify the parameters of the token [  ].