Skip to main content

Configure Identity Platform for HID hard token provisioning and use

Applies to Identity Platform 21.04-10 or later

There are two distinct Identity Platform application configurations required to provision and use HID hard tokens:

Provisioning

To provision (enroll) HID hard tokens the supported options are to use the Hard Token button on the Help Desk or Self-Service pages.

Use HID hard tokens as MFA

Use of HID hard tokens for multi-factor authentication in login workflows. To set this up, see Configure the login workflow policy to use HID hard tokens.

Configure hard token provisioning page

To provision HID hard tokens, you can use the following internal applications:

  1. For the Help Desk or Self-Service application, go to the Advanced Settings > Post Authentication tab. Then, click the applicable link to configure the page.

    hard_token_001.png

  2. In the page configuration, set the Hard Token Button to Show.

    hard_token_002.png

  3. Save your changes.

Configure the login workflow policy to use HID hard tokens

In the New Experience, you configure the login workflow policy to use HID hard tokens. This will apply to all the applications attached to the policy under the Resources tab in the policy.

  1. For HID hard tokens, set the global length and TOTP setting. See Authentication apps global MFA settings.

    Instead of using the global length and TOTP setting, you can set a different length and interval for HID hard tokens. Use the following appsettings in the web.config file to override the global settings for HID hard tokens.

    hidPassCodeDefaultLength

    hidPassCodeDefaultInterval

  2. In Policy configuration - Multi-Factor Methods, make sure to select the One-time passcode check box.

    hard_token_003.png

  3. Save your changes.

Next steps

SecureAuth Hard Token Decrypt Tool

Self-service page: Provision and add a HID hard token

Help Desk page: Provision and assign HID hard tokens to user profiles

In this section: