Skip to main content

How to convert an OATH Seed to an OATH Token


In preparation for transitioning the SecureAuth IdP product to use OATH tokens instead of OATH seeds, in SecureAuth IdP version 9.2 you can now convert an existing OATH Seed value to an OATH Token property.

If users have a hard token, or were previously set up to use OATH seed enrollment, then you can map a field to the OATH Token property and make it writable. If the OATH Seed value doesn't exist in the OATH Token collection, then that value will be converted and written to the OATH Token property.

This configuration is made on the Web Admin Data tab, and must be made on each realm that needs to have the OATH Seed converted to an OATH Token.


SecureAuth IdP version 9.2 and later

SecureAuth IdP configuration

Data tab

NOTE: This example shows the configuration for Active Directory data store.

1. In the Profile Fields section, if using a single OATH seed for end-user Multi-Factor Authentication, then map Fields to OATH Seed and OATH Tokens Properties, as shown in the sample image.

2. Make both OATH Seed and OATH Tokens Properties Writable.

3. Click Save.

After making this configuration on the Data tab, users who now log on this realm will automatically have their OATH Seed ported to the OATH Token property.