Introduction

Starting March 2026, the RSA Cloud Access Service will no longer support non-company-specific URLs such as https://access.securid.com and https://na2.access.securid.com. Continued use of these URLs may result in functionality disruptions.

To maintain service continuity, RSA recommends that all customers who have integrated Authentication Manager with CAS apply the hotfixes listed below to the affected versions.

The hotfixes also include resolutions to multiple security vulnerabilities. See the Security Advisory for more details.

Optionally, administrators can manually reconnect AM to CAS to obtain the company-specific URLs without installing a hotfix. However, RSA recommends installing the hotfixes in order to apply the critical security updates included in the hotfixes.

Affected Products

Authentication Manager, all versions supporting hybrid use cases connected to RSA ID Plus

Note: Authentication Managers not connected to ID Plus are not impacted, but it is always a good practice for organizations to upgrade to the latest version of Authentication Manager to benefit from new features and security updates.

Required Actions

Install hotfixes for Authentication Manager used with ID Plus in Hybrid/High Availability Mode

• Authentication Manager 8.8: Install AM 8.8 Patch 3 Hotfix 2 and Web-Tier Update. For more details, see Authentication Manager 8.8 Patches and Hotfixes Readme.
• Authentication Manager 8.7 SP2: Install AM 8.7 SP2 Patch 6 Hotfix 1 and Web-Tier Update. For more details, see Authentication Manager 8.7 SP2 Patch 6 Hotfix 1 Readme.
• Authentication Manager 8.7 SP1: Install AM 8.7 SP1 Patch 3 Hotfix 3 and Web-Tier Update. For more details, see Authentication Manager 8.7 SP1 Patch 3 Hotfix 3 Readme.
• Authentication Manager versions below AM 8.7 SP1: Customers must upgrade to any of the supported versions listed above before the end of February 2026 to continue using AM with ID Plus.