OTP Token Management
OTP tokens can be issued only to users with OTP Token enabled in multifactor verification.
You need to prepare OTP tokens in advance. You can use Jansh ETZ201/203 OTP tokens for logins.
Prerequisites
- You have obtained a hardware token.
- You have the management permissions for the User module.
- You have the management permissions for the OTP module.
Issuing an OTP Token
One OTP token can be issued only to one user.
- Log in to your bastion host.
- Choose User > OTP token in the navigation pane.
- Click Issue to issue an OTP token.
- Enter the required token information.
Figure 1 Issue Token ID
Table 1 Parameters for issuing an OTP token Parameter
Description
Token ID
Specifies the OTP token ID.
Key
Specifies the key uniquely corresponding to the OTP token. It is provided by the OTP token vendor.
Relate User
Specifies the user to whom the OTP token is related. OTP token must be enabled in multifactor verification for such users.
- Click OK. You can view the newly issued OTP token in the OTP token list.
For users with OTP token enabled, they need to enter the username, password, and the dynamic password issued by the OTP token for logins.
Importing an OTP Token
- Log in to your bastion host.
- Choose User > OTP token in the navigation pane.
- Click Import to batch import OTP tokens.
- Click Download next to Download template.
- Enter the configuration information of the OTP tokens to be imported according to the configuration requirements of the template.
- Click Upload and select the complete template.
- You can upload files in CSV, XLS, or XLSX format.
- Override existing OTP token
- Selected: The token ID will be overwritten if two tokens have the same key and related user configured, and the information of the existing token will be updated but the token is not deleted.
- Not selected: The system skips the tokens with duplicate keys and related users.
- Click OK. You can then view the imported OTP tokens in the token list.
Exporting an OTP Token
- Log in to your bastion host.
- Choose User > OTP token in the navigation pane.
- Select the OTP token to be exported.
If no tokens are selected, all tokens are exported by default.
- Click Export in the upper right corner next to the Advanced search box.
Revoking an OTP Token
After an OTP token is deleted, the related user cannot log in to the bastion host through the OTP token.
- Log in to your bastion host.
- Choose User > OTP token in the navigation pane.
- In the Operation column of the row containing the OTP token to be revoked, click Revoke.
- In the OTP token list, you can select multiple OTP tokens and click Revoke at the bottom of the list to revoke the selected tokens together.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.