After the Workspace ONE Access connector is configured as the authentication agent in the RSA SecurID server, you set up RSA SecurID in the Workspace ONE Access console.


  • Verify that RSA Authentication Manager (the RSA SecurID server) is installed and properly configured.
  • Download the ZIP file from the RSA SecurID server and extract the sdconf.rec file.
  • The User Auth service installed as a component of the Workspace ONE Access connector version 20.01. See Installing VMware Workspace ONE Access Connector 20.01.


  1. In the Workspace ONE Access console Identity & Access Management tab, select Manage > Enterprise Authentication Methods.
  2. Click NEW and select RSA SecurID (cloud deployment).
  3. In the Directory and Hosts screen, select the directory and the service host to configure with this authentication method.
  4. In the Configuration page, configure the RSA SecurID authentication method.
    Information used and files generated on the RSA SecurID server are required when you configure the SecurID page.
    Option Action
    Number of authentication attempts allowed Enter the maximum number of failed login attempts when using the RSA SecurID token. The default is five attempts.
    Note: When more than one directory is configured and you implement RSA SecurID authentication with additional directories, configure Number of authentication attempts allowed with the same value for each RSA SecurID configuration. If the value is not the same, SecurID authentication fails.
    SecurID Server Hostname/Address Enter the hostname or IP address of the SecurID server instance used as the authentication agent to the RSA SecurID server. If your RSA SecurID server has a value assigned to the Alternate IP address prompt, enter that value as the connector IP address. If no alternate IP address is assigned, enter the value assigned to the IP address prompt.
    Server Configuration Upload the RSA SecurID server configuration file named sdconf.rec.
  5. Click NEXT to review the configuration and then click SAVE.
    Figure 1. Configure RSA SecurID Authentication

What to do next

Add the RSA SecurID as an authentication method to the built-in identity provider.

Add the authentication method to the default access policy. Go to the Identity & Access Management > Manage > Policies page and edit the default policy rules to add the SecurID authentication method to the rule. See Managing Access Policies in Workspace ONE Access That Apply to Users.