Seamless authentication integration with RSA SecurID Soft Tokens and Pulse Secure client

This article provides information about support for seamless authentication integration with RSA SecurID Soft Tokens and Pulse Secure client. This feature is available only with Pulse Secure client running on the Microsoft Windows operating system. This feature is available for Pulse Secure mobile client for Mobile Devices from 5.0R1 and above.

Pulse Secure desktop client

Pulse Secure client 2.0R1 and above for Microsoft Windows OS supports integration with RSA SoftID. This allows automatic access to the user’s RSA passcode during authentication with the Pulse Secure client using the RSA PIN entered by the user.

When Pulse Secure client detects that RSA SoftID is installed on the same Microsoft Windows system, it prompts the user for the RSA PIN number and programmatically retrieves the passcodes for successful authentication. This feature allows for seamless authentication integration with RSA and the Pulse Secure gateway. This feature is available for Pulse Secure desktop client running Microsoft Windows operating systems.

Note: If RSA SecurID v4.1.1 and above is installed, you must install the RSA SecurID with Software Token Automation. Otherwise, this feature will not work with the standard installer.

Pulse Secure mobile client

Starting with Pulse Secure mobile client 5.0R1, this feature is supported. Under each Configuration > Authentication, there is a soft token option (as shown below on iOS and Android). Note that if a soft token already exists, it is a selectable option.

Note: Pulse Secure mobile client does not support the RSA Soft Token as a Secondary Authentication Server when the Soft Token option is selected in the Connection template.

Pulse Secure mobile client for iOS

seamless-authentication-integration-rsa-securid-soft-tokens-pulse-secure-client-1

Importing a Soft Token on Pulse Secure mobile client for iOS

There are two ways the RSA administrator can import a soft token on iOS devices:

1.E-mail hyperlink (dynamically provisioned tokens). (CT-KIP format)
2.E-mail attachment (file-based tokens). (SDTID file format)
The administrator can send a soft token as an SDTID file via e-mail. The end-user can click the attachment and open it with Pulse. The token will be imported into the Pulse Secure mobile client.

Pulse Secure mobile client for Android

seamless-authentication-integration-rsa-securid-soft-tokens-pulse-secure-client-2

Importing a Soft Token on Pulse Secure mobile client for Android

There are three ways the RSA administrator can import a soft token on Android devices:

1.E-mail attachment (file-based tokens). (SDTID file format)
2.E-mail hyperlink (file-based tokens). (CTF format)
3.E-mail hyperlink (dynamically provisioned tokens). (CT-KIP format)

Pulse Secure mobile client 4.2 and below

Users must do the following:

1.Start the RSA SecurID Soft Token application.
2.Copy the passcode from the SecurID Soft Token UI.
3.Launch the Pulse Secure mobile client.
4.Manually paste the passcode in the Pulse UI.

Consult the documentation for the RSA SecurID Software Token for iPhone and iPad in the links below for more details on configuring mobile devices.

About the author

Prasanna

Leave a Comment