Products
Solutions- MFA for Exchange Emails
- MFA for Office 365 Emails
- MFA for AD-Joined Computer Login
- MFA for Entra-Joined Computer Login
- MFA for Entra ID (External MFA)
- MFA for VPN
- MFA for Remote Desktop
- MFA for IIS Websites
- MFA for Cloud Services
- MFA for Office 365
- MFA for NetMotion Mobility
- MFA for Parallels RAS
- Electronic Visit Verification
Authenticators
SaaS
Services
Compliance
Resources
Tools
Token Management Service
If your organization uses Microsoft Office 365, some of your users may have to use OATH TOTP hardware tokens for multi-factor authentication (MFA), and some may prefer FIDO security keys for passwordless login.
You might have found out, or will find out, that it can be very time consuming, if not difficult and insecure, to manage TOTP tokens and FIDO keys in Entra ID (Azure AD), because Microsoft does not provide a token lifecycle management system.
That’s where SafeID Token Service (STS) comes in.
Effortless TOTP Token & FIDO Key Management
SafeID STS provides a web-based console that lets you manage the entire lifecycle of TOTP tokens and FIDO keys—with just a few clicks. No more manually downloading, editing, or uploading token seed files.
- Boost Productivity – Assign, activate, or replace tokens in seconds.
- Enhance Security – Eliminate manual errors and reduce exposure risks.
- User-Friendly – Admins and helpdesk teams can enroll tokens for users without requiring end-user interaction.
- Full Lifecycle Control – Easily assign, deactivate, unassign, or delete tokens with a single click.
Say goodbye to cumbersome Azure AD token management - STS makes it simple, secure, and scalable.
Global Admin Not Required
In fact, there is another key reason why customers want to use the SafeID Token Management Service instead of the Azure AD portal to manage hardware tokens. With the Azure AD portal, only global administrators are allowed to manage hardware tokens. Whereas with the SafeID service portal, any users can be allowed to manage hardware tokens. SafeID Token Service has its own role-based access control system that allows you to define roles and privileges according to your exact requirements.
Supports Authenticator App
If your organisation decides to deploy the authenticator app instead of the hardware token to the majority of users, then you will find that token management can still be challenging. You can also use the SafeID Token Service to manage the SafeID Authenticator app, and ask your users to use SafeID Authenticator with Office 365. SafeID Authenticator runs on smart phones as well as on Windows PCs and Mac workstations.
You can use the SafeID Token Service to deploy the SafeID Authenticator directly to your users, and manage the lifecycle of the authenticator app, such as remote install, delete and policy control etc.
Supports Salesforce and OKTA
SafeID Token Service also supports Salesforce and OKTA. If you are a customer of Salesforce or OKTA, and your users need to use hardware tokens, then SafeID tokens and SafeID Token Service are the ideal solutions.