Skip to main content

Symantec VIP global MFA settings

At the global level, configure the Symantec Validation and ID Protection (VIP) token. Users can use a Symantec VIP token to authenticate into a resource.

You can limit the use of this MFA method in a policy.


  • Import the trusted certificate into the certificate store on the Identity Platform server.

  • Trusted certificate must have read-only access permissions to:

    • IIS AppPool\SecureAuth0pool

    • Network service

Globally configure Symantec VIP token

  1. On the left side of the Identity Platform page, click Multi-Factor Methods.

  2. Click the pencil icon for Symantec VIP.

    The configuration page for Symantec VIP appears.

  3. To enable or disable the global Symantec VIP multi-factor method, slide the toggle On or Off.

  4. In the Configuration mode section, set any of the following configurations.

    Timed passcode

    When the Symantec VIP multi-factor method toggle is On, it enables the option users to receive a timed passcode on a Symantec VIP token.

    Issued Certificate Serial Number

    The certificate serial number provided by Symantec.


    For the certificate permissions, see the Prerequisites at the beginning of this topic.

    Host Whitelist

    By default, two allowed URLs are included. You can add or modify URL entries.

    Symantec VIP Field

    Indicate whether to show or hide the Symantec VIP field on the login page.

  5. Click Save.

Next steps

Configure a policy on the Multi-Factor Methods tab to allow users to authenticate using Symantec VIP tokens in the login workflow.Define login workflow and multi-factor methods settings in a policy