Help Center> Cloud Bastion Host> User Guide> User> OTP Token Management
Updated on 2024-05-11 GMT+08:00
View PDF

OTP Token Management

OTP tokens can be issued only to users with OTP Token enabled in multifactor verification.

OTP tokens need to be prepared before binding. You can use Jansh ETZ201/203 OTP tokens in CBH.

Prerequisites

  • You have obtained a hardware token.
  • You have the management permissions for the User module.
  • You have the management permissions for the OTP module.

Issuing an OTP Token

One OTP token can be issued only to one user.

  1. Log in to the CBH system.
  2. Choose User > OTP token in the navigation pane.
  3. Click Issue to issue an OTP token.
  4. Enter the required token information.

    Table 1 Parameters for issuing an OTP token

    Parameter

    Description

    Token ID

    Specifies the OTP token ID.

    Key

    Specifies the key uniquely corresponding to the OTP token. It is provided by the OTP token vendor.

    Relate User

    Specifies the user to whom the OTP token is related. OTP token must be enabled in multifactor verification for such users.

  5. Click OK. You can view the newly issued OTP token in the OTP token list.

    For users with OTP token enabled, they need to enter the username, password, and the dynamic password on the OTP token to log in to the CBH system.

Importing an OTP Token

  1. Log in to the CBH system.
  2. Choose User > OTP token in the navigation pane.
  3. Click Import to batch import OTP tokens.

    Figure 1 Importing an OTP Token

  4. Click Download next to Download template.
  5. Enter the configuration information of the OTP tokens to be imported according to the configuration requirements of the template.
  6. Click Upload and select the complete template.

    • You can upload files in CSV, XLS, or XLSX format.
    • Override existing OTP token
      • Selected: The token ID will be overwritten if two tokens have the same key and related user configured, and the information of the existing token will be updated but the token is not deleted.
      • Not selected: The system skips the tokens with duplicate keys and related users.

  7. Click OK. You can then view the imported OTP tokens in the token list.

Exporting an OTP Token

  1. Log in to the CBH system.
  2. Choose User > OTP token in the navigation pane.
  3. Select the OTP token to be exported.

    If no tokens are selected, all tokens are exported by default.

  4. Click Export in the upper right corner next to the Advanced search box.

    Figure 2 Exporting an OTP Token

Revoking an OTP Token

After an OTP token is deleted, the related user account cannot be used to log in to the CBH system through the OTP token.

  1. Log in to the CBH system.
  2. Choose User > OTP token in the navigation pane.
  3. In the Operation column of the row containing the OTP token to be revoked, click Revoke.

    Figure 3 Revoking an OTP token

  4. In the OTP token list, you can select multiple OTP tokens and click Revoke at the bottom of the list to revoke the selected tokens together.

    Figure 4 Batching revoking OTP tokens

Parent topic: User