Activate a Token

Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security

Before you can authenticate with AuthPoint, you must activate your token. A token is something that contains information that is used to identify you and associate you with a device.

You can use two types of tokens to authenticate with AuthPoint:

  • Software tokens
  • Hardware tokens

When you activate a token, AuthPoint sends you an email message to let you know that a token was activated for your user account. If you receive this email message and you did not activate a token, notify your AuthPoint administrator.

To enable you to activate your token from the IdP portal, your AuthPoint administrator must:

If your AuthPoint administrator has not configured the IdP portal, or you do not have an authentication policy for the IdP portal, then you must use the activation email to activate your software token.

For hardware tokens, the IdP portal is required for users to activate their own token. If the IdP portal is not enabled or you do not have permission to manage your tokens from the IdP portal, your AuthPoint administrator must activate your hardware token for you.

Activate a Software Token

You activate a software token on a device that is used for authentication, such as a mobile phone. This device is then used to gain access to protected resources that require multi-factor authentication.

The AuthPoint app must be installed on your mobile device before you activate a mobile token.

There are two ways to activate a token on your mobile device. You can use the link in the Activation email that is sent to you or you can log in to the IdP portal and activate your token from there. You might choose to activate your token from the IdP portal if you do not receive the Activation email or if MFA is required for your email account.

The token activation is valid for seven days. After that, you cannot use the activation link and QR code in the email or IdP portal for activation. To activate your token, you must ask your AuthPoint administrator to resend the token activation email.

When you use a QR code to activate a software token, AuthPoint uses a secure seed generation process that follows the OATH DSKPP standard (RFC 6063) to create your token.

Tokens are specific to the device they are activated on. If you want to use multiple devices for authentication, you must activate a separate token on each device you plan to use.

Activate a Hardware Token

A hardware token is a physical device with a built-in token that you activate. If your AuthPoint administrator does not activate your hardware token for you, you can log in to the IdP portal and activate your token from there.

Related Topics

About the AuthPoint Mobile App

About Authentication

Migrate Your Token

Authentication Without Your Mobile Device

Third-Party Software Tokens

Token Management