When and why is the PNToken property written to?

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • SecureAuth IdP Version Affected: 9.0+


    The PNToken property is used for Push Notifications to mobile devices running the SecureAuth Authenticate app. When is the property written to and why?



    SecureAuth IdP administrators may notice that sometimes the property is updated and other times it is not. The logic around this can be explained.



    Prior to IdP 9.2 the only time that PNToken was ever written to was during the mobile device enrolment process.
    In addition to the above, since the release of 9.2, IdP has a new feature (see links below) which allows it to port OATH Seed to OATH Token, primarily for compatibility with L4E (Login for Endpoints) because L4E cannot use OATH Seed.
    The porting process also affects the value of PNToken, which can be derived from OATH Seed and is used to populate PNToken if not yet present in that property.
    For this to occur a user needs only to log on to any realm where OATH Seed and OATH Token are both mapped and where the latter is writable.
    If the value already exists in PNToken or the maximum number of PNTokens allowed has been reached then a write operation will not occur.
    See 5th row of the 9.2 new features titled:
    Automatically convert OATH Seed values into the OATH Token collection

    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products

    1 out of 1 found this helpful



    Please sign in to leave a comment.