Define Custom Attributes to Send Transaction-Specific Data During On-Demand Authentication
You can define custom attributes to send users transaction-specific data during on-demand authentication. This feature only supports REST-based authentication to RSA Authentication Manager.
After you define custom attributes for the clients that you developed with the SecurID Authentication API, you can provide these custom attributes in the on-demand tokencode message users receive.
For example, your users could receive a custom message that replaces the following variables with values:
To confirm that you want to <BUY or SELL> <number> shares
of <stock symbol>, please enter the tokencode:
Users would enter a tokencode to confirm the transaction.
Before you begin
Use the SecurID Authentication API to define custom attributes for your REST-based, multifactor authentication clients. Your clients can use the existing SessionAttribute parameter to provide attributes during the Initialize interface.
During authentication, the initialization payload should contain the session attributes name and corresponding value. See the following example:
{
"authnAttemptTimeout": 180,
"clientId": "rest-007",
"subjectName": "adUsr",
"lang": "us_EN",
"sessionAttributes": [
{
"dataType": "STRING", "name": "DemoAttribute1", "value": "Demo Attribute1_value" }
,
{ "dataType": "STRING", "name": "DemoAttribute2", "value": "Demo Attribute2_value" }
],
"subjectCredentials": [],
"context":
{ "messageId": "test" }
}
For more information, see the SecurID Authentication API Developer's Guide.
Procedure
In the Security Console, click Setup > System Settings.
Click On-Demand Tokencode Delivery.
On the Tokencode Settings tab, specify the on-demand tokencode message text that users receive and the message lifetime.
Use the following syntax for your custom attributes:
$S.<Custom Session Attribute name>
Note: Do not remove $OTT from the message template. This variable is replaced with the tokencode in the actual message.
Click Save.
Related Tasks
Related Articles
RSA Authentication Manager 8.7 SP1 Azure Virtual Appliance Getting Started Number of Views RSA Governance & Lifecycle Recipes: Extending Objects in the AVUSER Schema with Custom Attributes Number of Views RSA SecurID SDK 3.1 for Android Developer's Guide and Release Notes Number of Views RSA Authentication Manager 8.6 Patch 3 Readme Number of Views RSA Identity Governance & Lifecycle - Joiners Movers Leavers whitepaper Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
