Description
In order to reuse a FortiToken Mobile, or if a user gets a new phone, or if the phone is stolen or lost, the FortiToken Mobile needs to be transferred to the new phone.
Scope
FortiToken Mobile.
Solution
The following steps will permit the transfer of the mobile token to the new phone:
- Go to User & Device -> User Definition and remove/unassign the mobile token from the the current user by deselect Enable Two-factor Authentication, and select OK.
The token will be removed from the user's Two-factor authentication column. The user will also be removed from the token's User column, under User & Device -> FortiTokens.
- Adjust the user information of the new user as necessary (or create a new user).
- Assign the respective token to the desired user.
- Send the activation code to the phone of the user (the status should show up as pending under User & Device -> FortiTokens).
- If an error message is seen, run the following commands on the FortiGate unit:
execute fortitoken-mobile provision <serial-number>
execute fortitoken-mobile renew <serial-number>
- Check again under User & Device > FortiTokens, the status should now be "pending".
Related articles:
Deactivating a FortiToken - FortiToken documentation.
Configuring FortiTokens - FortiToken documentation.