How-to: Import institute tokens

• Tokens have already been procured decentrally
• Seed file of the manufacturer is available as OATH compliant PSKC

Step 1: Creating a ticket

We need the following information from you to set up the tokens:

• authorised persons who are allowed to assign tokens to users (as Uni IDs or project numbers)
• the university institution for which you would like to set up tokens
• the exact type of token procured (incl. hash algorithm and TimeStep)

Please send us this information by a digitally signed e-mail from your authorised representative mailbox at it-sicherheit@urz.uni-heidelberg.de. Please avoid sending any other information that may be critical to security in this email. In particular, this e-mail should not contain any names of future token holders, serial numbers of the tokens or seed data.

Step 2: IT security sets up token and initial link

We will then set up a shared, encrypted HeiBOX share for all authorised users. We will use this to exchange all further documents. As soon as the share has been set up, we will inform you by e-mail.

Step 3: Transferring data

Please then load the decrypted seed file into the share.

Next to it in the share is an assignment list zuordnung.csv. Please complete this with the links of tokens and users with one entry per line:

serialnumber,userID

Please refer to the documents you received when purchasing the tokens for the serial numbers. The user ID is the regular Uni ID or the project ID for which login with this token should be possible.

Step 4: IT security sets up token

Once we have all the information, we will set up all the tokens and links. As soon as this is complete, we will inform you by e-mail.

If you would like to change the assignment of tokens to users after the initial setup, please update the CSV file in the share and send us a digitally signed email from your authorised representative mailbox to it-sicherheit@urz.uni-heidelberg.de, in which you ask us to update the assignment. We will inform you of the update by email.