The tokens must exist in inventory prior to using this module.

This module is available to Virtual Service Provider and Subscriber accounts and allows tokens from various manufacturers to be managed by SafeNet Trusted Access. Tokens are automatically bound to an existing UserID in SafeNet Trusted Access if the token import record contains a matching UserID. If the import record does not include a UserID, the token is imported and placed in inventory.

The token records must be added to your token inventory by your Service Provider. Your Service Provider will require a file containing a record for each token.

Importing SecurID tokens is not available to virtual service provider or subscriber accounts.
Third-party OATH tokens can be imported into SafeNet Trusted Access, however, these must be converted to a special . btk format prior to import. Contact Thales for instructions.

RADIUS tokens can be used with any token type, including RSA/SecurID, provided the third-party authentication server will accept authentication requests via RADIUS from STA.

1. Create a third-party token import file.

   This file must be comma delimited file (.csv) and contain a record for each token being imported. Each record must be in the following format:

   SerialNumber,yyyy/mm/dd
   

   Note the leading “,”.

   The serial Number is 12 characters (pad with leading 0 if necessary).

   These tokens will appear in your token inventory when you complete the import process.

2. To automatically bind a specific token to a user during import:

   • Ensure that the UserID already exists in STA.

   • Ensure that a record in the import file contains the corresponding UserID and token serial number. This file must be comma delimited file (.csv). Each record in the import file must be in the format:

     UserID,SerialNumber,yyyy/mm/dd

     The Serial Number is 12 characters (pad with leading 0 if necessary).

     If a UserID is omitted in the import record, the token will be imported and placed in inventory. Although the token can be assigned or provisioned to a user in STA, care must be taken to ensure that the same token is assigned to the same user in the third-party RADIUS server.

3. On the STA Token Management console, select Tokens > Bulk Assign Third-Party Tokens.

   

4. Configure the import options as required:

   • Token Type: Select RADIUS.

   • Container: Select the container from which token inventory should be allocated. The Default container holds all tokens unless additional containers have been created and inventory has been added to them. Use containers to segregate imported tokens that will be allocated to Subscriber Accounts.

   • Import File: Select the file containing the tokens to be imported.

5. Select Import to import tokens from a selected file into inventory. By default, the imported tokens do not have PINs unless their token template is changed.

   Import will fail for tokens that have a serial number that already exists in the Virtual Server. Token seed records can be re-imported after duplicates are removed from the Virtual Server inventory. The maximum file size is 10 Mb.

6. To store the provisioning results (also displayed on the import token UI) to the default web browser download folder, select Save Log As.