Provisioning tokens to users
Provision any token type (including hardware, software, SMS, and GrID) to users on the STA Token Management console, in the Assignment > Authentication Methods module. The provision option works hand-in-hand with self-enrollment. Provisioning provides time savings for administrators and is the recommended method for associating a token with a user.
You can automatically provision and securely deliver tokens to one or more users, regardless of their physical location, in a single bulk operation. This process has significant advantages:
-
It saves a tremendous amount of time for operators.
-
It is secure because only the intended recipient can enroll and activate their token.
-
It can be used with hardware and software tokens.
-
It is not necessary to deliver a specific hardware token to each user.
-
It can be time-limited, requiring users to enroll their tokens on or before a specified date.
-
It can be used to coordinate migrating users from static passwords to token authentication without interruption of service.
When you provision tokens, STA creates a provisioning task that includes all the users that you select. Each user in the provisioning task will receive an email with instructions for enrollment. The content of the email message varies, depending on the token type. Message content can be customized and branded including the use of HTML and images.
You can also restrict the availability of tokens.
After users are provisioned with tokens, you can manage tokens for a user.
View token management tasks for a user
View the last five token management tasks performed for a user to determine if the user is to be provisioned with a token.
-
On the STA Token Management console, search for the user.
-
Select the user and then select the Authentication Methods module.
-
Select Change Log.
Provision tokens to multiple users
-
On the STA Token Management console, search for users.
-
Select one or more users from the list and then click the Provision button.
This will refine the list to include only those users selected for provisioning.
-
When you’ve verified the list of selected users, click Provision again.
-
Select the type of token to issue to all of the selected users. You can add a comment about this provisioning task in the Description field.
The Select Authentication Type list includes the following information:
-
Available—Indicates the quantity tokens, by type, that are in inventory and available for provisioning.
-
Reserved for Provisioning Tasks—Specific tokens (serial numbers) are not removed from inventory until enrollment is complete. This column represents the amount of inventory that has been committed by other provisioning tasks.
-
-
Select Provision.
-
Select Confirm to complete the process and create a provisioning task.