Activate a Token

Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security

Before you can authenticate with AuthPoint, you must activate your token. A token is something that contains information that is used to identify you and associate you with a device.

You can use two types of tokens to authenticate with AuthPoint:

  • Software tokens
  • Hardware tokens

When you activate a token, AuthPoint sends you an email message to let you know that a token was activated for your user account. If you receive this email message and you did not activate a token, notify your AuthPoint administrator.

To enable you to activate your token from the IdP portal, your AuthPoint administrator must:

If your AuthPoint administrator has not configured the IdP portal, or you do not have an authentication policy for the IdP portal, then you must use the activation email to activate your software token.

For hardware tokens, the IdP portal is required for users to activate their own token. If the IdP portal is not enabled or you do not have permission to manage your tokens from the IdP portal, your AuthPoint administrator must activate your hardware token for you.

Activate a Software Token

You activate a software token on a device that is used for authentication, such as a mobile phone. This device is then used to gain access to protected resources that require multi-factor authentication.

The AuthPoint app must be installed on your mobile device before you activate a mobile token.

There are two ways to activate a token on your mobile device. You can use the link in the Activation email that is sent to you or you can log in to the IdP portal and activate your token from there. You might choose to activate your token from the IdP portal if you do not receive the Activation email or if MFA is required for your email account.

By default, the token activation is valid for seven days. After that, you cannot use the activation link and QR code in the email or IdP portal for activation. To activate your token, you must ask your AuthPoint administrator to resend the token activation email.

When you use a QR code to activate a software token, AuthPoint uses a secure seed generation process that follows the OATH DSKPP standard (RFC 6063) to create your token.

  1. Open a web browser and navigate to the IdP portal. Authenticate to log in

    If you navigate to the IdP portal and you do not have an active token, AuthPoint prompts you to activate your token before you log in to the IdP portal.

  2. Click and select Activate a Mobile Token.

Screenshot that shows the open menu in the top right corner of the IdP portal. The menu includes options to edit password and activate mobile and hardware tokens.

  1. Type your password. Click Next.

Screenshot of the Token Activation window.

  1. Open the AuthPoint app and scan the generated QR code to activate your token.

Screenshot of the Token Activation screen with an activation QR code.

After you activate your token, you are prompted to set the name and display image for your token. This is optional.

  1. Open the Activation email you received. If you did not receive the Activation email or cannot find it, ask your AuthPoint administrator to resend the Activation email.
  2. Click the activation link in the email.
    The Welcome to AuthPoint web page appears, with an Activate link and a QR code.
  3. Activate your token:
    • If you opened the web page on your phone, tap the Activate button. This opens the AuthPoint app and activates your token.
    • If you opened the web page on your computer, open the AuthPoint app on your phone and tap Activate, then point the camera on your phone at the QR code on your computer screen.

    If you have already activated an token, tap QR Code Icon to open the QR code reader. Then point the camera on your phone at the QR code on your computer screen.

Screenshot of the Welcome to AuthPoint page.

After you activate your token, you are prompted to set the name and display image for your token. This is optional.

Tokens are specific to the device they are activated on. If you want to use multiple devices for authentication, you must activate a separate token on each device you plan to use.

Activate a Hardware Token

A hardware token is a physical device with a built-in token that you activate. If your AuthPoint administrator does not activate your hardware token for you, you can log in to the IdP portal and activate your token from there.

  1. Open a web browser and navigate to the IdP portal. Authenticate to log in

    If you navigate to the IdP portal and you do not have an active token, AuthPoint prompts you to activate your token before you log in to the IdP portal.

  2. Click User Icon and select Activate a Hardware Token.

Screenshot that shows the open menu in the top right corner of the IdP portal. The menu includes options to edit password and activate mobile and hardware tokens.

  1. Type your password. Click Next.

Screenshot of the Hardware Token Activation window.

  1. In the Token Serial Number text box, type the serial number shown on your hardware token. On WatchGuard hardware tokens, the serial number is located on the back of the token.
  2. In the One-Time Password (OTP) text box, type the current one-time password for your token.

Screenshot of the Hardware Token Activation window.

  1. Click Finish.

Related Topics

About the AuthPoint Mobile App

About Authentication

Migrate Your Token

Authentication Without Your Mobile Device

Third-Party Software Tokens

Token Management