Previous Topic: Identify Interactive Restricted UsersNext Topic: List of Non-Restricted Files


Configure the CA ArcotID OTP Client

All interactive restricted users need to authenticate to the CA ControlMinder endpoint with their ArcotID OTP credentials and a generated password every time they want to edit a file. To activate the one-time password generator, they need to configure the CA ArcotID OTP mobile or desktop client.

Tell all interactive restricted users to register themselves for ArcotID OTP by performing the following procedure once.

Follow these steps:

  1. Access the Custom Application web application.
    https://hostname:port-number/customapp/
    
  2. Click “Custom Application” in the left panel.
  3. Submit your username (the username of the user that needs to be authenticated by the CA ControlMinder endpoint). Submit your email address if requested.

    Note: By default, CA ArcotID OTP uses the email address from your user profile in the user directory that CA ControlMinder and CA AuthMinder use.

    CA ArcotID OTP sends an email with an activation-code to confirm your identity.

  4. Submit the activation code from the email and other authentication details, such as your mobile number and answers to security questions.

    The web application displays your activation details: server URL, user identifier, and activation code. Leave the web page open.

  5. Activate ArcotOTP on your desktop or mobile device to set up the one-time password generator:
    1. Open the CA ArcotID OTP desktop client or the CA ArcotID OTP mobile app.
    2. Click “Add” in the “Accounts” section to add a new account.
    3. Copy and paste the authentication values from the Custom Application window into the Add Account window, and click Save. For example :
      Server URL

      https://hostname:port-number/arcotafm/controller_aotp.jsp?profile=mobileotpprofile

      User identifier

      jsmith

      Activation Code

      12345678

    4. Set up a PIN to protect your credentials and click Save.
    5. (Optional) Click “Submit” to complete self-registration.

    The ArcotOTP client displays your account.

You are now ready to generate a one-time password with the CA ArcotID OTP client when sepromote prompts you for a passcode.