Skip to content

KB017: Configure Token Registration Mechanisms

Last Updated: July 22, 2025

Applies To: HySecure Gateway 7.1 Service Pack 1 and above

Category: User Experience & Interface Enhancements

Overview

This guide explains how to configure separate registration mechanisms for PC tokens and mobile tokens in HySecure Gateway. This enhancement provides independent control over PC and mobile token registration processes, offering enhanced flexibility for environments using local push notification servers and hybrid client deployments.

Prerequisites

  • HySecure Gateway 7.1 Service Pack 1 or higher.

  • Security Officer or Administrator access to HySecure management console.

  • Understanding of PC token vs. mobile token authentication methods.

  • Knowledge of push notification server configuration.

  • Coordination with Accops support team for backend configuration.

Token Registration Overview

PC Token Registration

Purpose: Allow users to register both a PC Token in the Mac HyID client and a Mobile Token (without Push notification) in the Android/iOS HyID client at the same time, when the Push Notification Server is only accessible from the internal network.

Configuration Requirements

Backend Configuration Access

Note

  • This feature requires backend configuration file modifications.
  • Direct file system access to HySecure gateway required.
  • Contact Accops support team for configuration assistance.
  • SSH access to active HySecure gateway node needed.

Configuration File Location:

  • File Path: /home/fes/fescommon/adm.conf

  • Configuration Flag: ALLOW_ADM_IN_PC_REGISTRATION

Procedure

  • Connect to the Active Node of the HySecure Gateway via SSH.

  • Modify file /home/fes/fescommon/adm.conf using command: vim /home/fes/fescommon/adm.conf

  • Flag ALLOW_ADM_IN_PC_REGISTRATION supports two values:

    • 1 – set this value when push notification is to be sent on HyID Mac client.

    • 0 – set this value when PC token is to be registered as MFA token.

Note

Default value of the flag is 1.

Monitoring and Verification

Token Registration Monitoring

Log Information Includes:

  • PC token registration events and success/failure rates.

  • Mobile token registration activities.

  • Push notification server connectivity status.

  • Configuration flag validation results.

Accessing Registration Logs:

  1. Navigate to Reports > Logs > Activity Logs.

  2. Search for the keywords PC Token or Mobile token to find the desired user.

  3. Review PC vs. Mobile token registration patterns.

Diagnostic Steps

Verify Configuration File Settings:

# Check current configuration (requires SSH access)
grep ALLOW_ADM_IN_PC_REGISTRATION /home/fes/fescommon/adm.conf

Test Push Notification Server Connectivity:

# Test connectivity to push notification server
telnet push-server.domain.com 443

Review Token Registration Logs:

  1. Navigate to Reports > Logs > Activity Logs.

  2. Filter by token registration events using the following search keywords:

    • Successfully registered for mobile token

    • Successfully registered for PC token

  3. Look for PC token vs. mobile token registration patterns.

Client-Side Diagnostics:

  • Verify client application version and compatibility.

  • Check client network connectivity and firewall rules.

  • Test push notification functionality independently.

  • Review client application logs for registration errors.

Note

  • Mobile token registration operates independently.
  • Testing recommended across all client platforms after configuration changes.

Contact Support: support@accops.com for backend configuration assistance.