Assign a hardware token to a user

If your company provides employees with hardware tokens for authentication purposes and after tokens have been distributed among users, you need to assign each token to its owner. The key information that lets you set this assignment in the ​Akamai MFA​ service is the token's serial number. You can also reassign a token that is already in use by another employee to a new user.

Before you begin

  • Make sure that you have access to the token's serial number.
  • If you're dealing with a phone or email request, ask the user to prepare the token's serial number.
  • For secure TOTP-based authentication, ​Akamai MFA​ requires secret keys that are at least 128 bits long. This translates to a minimum of 26 characters.

How to

  1. In the Enterprise Center navigation menu, select Multi-factor Authentication > Identity & Users > Users.

  2. On the Users page, navigate to the selected user account and click its username.

    The user profile opens.

  3. In Settings, click Assign hardware token for the automatically provisioned users, or open the action menu and, next, click Assign hardware token for manually added users.

    The Assign hardware token dialog displays.

  4. In the dialog, search for the serial number of the token you’d like to assign or reassign.

    • The search results show whether the token is unassigned or currently assigned.
    • If a token is already assigned, the username of the current owner is displayed next to the serial number.
  5. Select the token from the list and click Assign.

    • If the token is unassigned, it is immediately assigned to the user.
    • If the token is already assigned to another user, a confirmation message appears asking you to confirm the reassignment. Click Yes to proceed. The token is now unassigned from the previous owner and assigned to the new one.

    You've just assigned or reassigned the hardware token to the user.

    Now, you can verify if the authentication method that uses the hardware token has been activated as a part of your global policy.

  6. Make sure that the hardware token has been enabled as the authentication method in your global policy:

    1. In the Enterprise Center navigation menu, select Multi-factor Authentication > Policies.
    2. Navigate to the global policy and display its settings by clicking Global.
      The global policy configuration page displays.
    3. Scroll down to Authentication factors.
    4. Enable Hardware token by clicking the toggle button.

    The token can now be used by the user to perform secondary authentication.

Next steps

Manage hardware tokens that have been assigned to make sure that all tokens that are being used are registered in the service.