Flowchart showing the RSA SecurID authentication flow between the User, API Client and PingFederate.
  1. If the user uses SecurID Adapter as second-factor authentication, the user must complete first-factor authentication before progressing to the SecurID Adapter.
  2. The status of SECURID_CREDENTIAL_REQUIRED is returned.
  3. The API client displays the information returned by PingFederate.
  4. The user enters the corresponding SecurID credential.
  5. The API client invokes the checkCredential action.
  6. One of the following situations occurs:
    • Authentication succeeded and PingFederate returns the subject to the API Client.
    • The status of SECURID_NEXT_TOKENCODE_REQUIRED is returned.
      • User status is `Next Tokencode required` in RSA SecurID.
      • The API client notifies the user next tokencode is required.
      • The user enters tokencode.
      • The API client invokes the checkNextTokencode action.
      • Authentication succeeded and PingFederate returns the subject to the API Client.