To configure OATH tokens, you must have the following items from each token manufacturer and for each supplied token model:
- A token seed file. The seed file can be either:
- A .txt file consisting of lines with a comma separating the token serial numbers and secret keys (without spaces)
- A .csv file with the token serial numbers and secret keys in different cells (without spaces or commas)
The secret keys are strings of hexadecimal digits.
- For each seed file, a single associated token type of either TOTP or HOTP.
- For TOTP types, a refresh interval of 30 or 60 seconds. The default is 30.
For HOTP types, a start counter can appended as an additional field in the seed file. If absent, it defaults to zero.
- In the PingOne admin portal, go to .
Go to the Alternate Authentication Methods section.
In the Enable column, select the OATH
Token check box.
The Manage OATH Tokens modal opens.
Click Save & Manage Tokens.
The OATH Tokens tab opens and shows a list of previously saved tokens.Note:
If there are no saved tokens, the list will be empty.
Click + Import Tokens.
The Import OATH Tokens modal opens.
- Click Choose File.
Navigate to your token seed file and select it.
A user imports a single token from a file called DAF.csv with the following seed.
The Import OATH Tokens modal shows the token information.
From the Token Type list, select the token type.
A selection of TOTP - 6 Digits enables the Refresh Interval list.
The Import OATH Tokens modal now looks as follows.Note:
The Preview Record section shows information from the first record in the .csv file.
- Optional: If applicable, from the Refresh Interval list, select the refresh interval.
To return to the Import OATH Tokens modal, go to , and then click + Import Tokens.
The newly imported tokens appear at the top of the OATH Tokens list.
- If your seed file contains entries that duplicate existing tokens, the
Incomplete Token Report error is displayed.
Remove the duplicate entries from the seed file and try again.
- If your seed file is invalid, you will receive the following error message.