Skip Navigation

Configure
RSA SecurID
soft token authentication

BlackBerry Access for iOS
and
Android
devices supports
RSA SecurID
soft token authentication. The software consists of an app and a separately installed, software-based security token that transfers password protection and authentication delegation to
Good for Enterprise
.
BlackBerry Access
contains an embedded
RSA SecurID
authenticator that can generate and display a 6-digit or 8-digit tokencode at 30 or 60 second intervals.
  1. To start a user’s
    RSA SecurID
    software authenticator, provision an
    RSA SecurID
    software token seed record and send it to the user in an email so that they can import the seed record into
    BlackBerry Access
    .
  2. Configure an RSA SecurID application policy in BlackBerry UEM or Configure an RSA SecurID application policy in Good Control. The policy includes the email address of an
    RSA Authentication Manager
    administrator who is responsible for assigning and delivering software token seed records.
  3. Generate the Compressed Token Format URL with the
    RSA Authentication Manager
    . Replace the protocol portion of the URL to send an HTTP URL to
    Good for Enterprise
    so that it can import the
    RSA
    token into
    BlackBerry Access
    :
    • Change the
      com.rsa.securid://ctf?ctfData=numeric_string
      or
      custom_url_scheme://ctf?ctfData=numeric_string
      to
      http://ctf?ctfData=numeric_string
      .
      The URL is case sensitive:
      ctfData
      must be mixed case, as shown.
  4. The seed record must be delivered in an .sdtid file or a Compressed Token Format URL. The user imports the seed record into
    BlackBerry Access
    .
  5. A user that has
    BlackBerry Access
    already activated on their device opens the email message and clicks the
    RSA
    token to install it in
    BlackBerry Access
    .
  • The
    RSA
    administrator assigns a software token to the user, binds it to the user’s device ID, and sends the seed record to the user in a Compressed Token Format URL format.
  • The user opens the seed record in
    BlackBerry Access
    .
  • BlackBerry Access
    imports the seed record and instantiates the
    RSA SecurID
    authenticator.