RSA SecurID Access

RSA SecurID Access (packaged under RSA ID Plus) delivers MFA and standards-based SSO for VPNs, desktops, and SaaS. The Cloud Authentication Service (CAS) functions as an IdP for OIDC/SAML applications and brokers MFA to network gear via RADIUS, with directory integration to LDAP/Active Directory. Authenticators include FIDO2/WebAuthn passkeys, Approve push, software/hardware OTP, and YubiKey.

Key Capabilities

  • MFA & passwordless options: FIDO2/WebAuthn (passkeys with RSA Authenticator 4.5+), Approve push (code matching + device biometrics), software OTP, hardware tokens, and YubiKey support.

  • Device & desktop coverage: MFA for Windows/macOS logon and broad VPN/firewall integrations via RADIUS; CAS documents push/biometric flows and assurance levels.

  • Branding & packaging: SecurID capabilities aligned under RSA ID Plus plans; product portals and apps reflect RSA-wide branding updates.

Limitations

  • Advanced OAuth profiles: Public materials focus on core OIDC/OAuth; there isn’t enough information to confirm PAR, DPoP, or mTLS/FAPI support in CAS.

  • Provisioning/SCIM: Documentation centers on authentication and access; a general-purpose SCIM 2.0 provider/consumer interface isn’t clearly documented.

  • Hybrid ops & agents: VPN/desktop enforcement typically relies on RADIUS and endpoint agents; customers manage network device configuration and HA.

  • Portfolio naming: References span SecurID, RSA Authenticator, Cloud Authentication Service, and RSA ID Plus—validate your plan/version when mapping features.

Customer Identity, Simplified.

No Complexity. No Limits.
Thousands of businesses trust LoginRadius for reliable customer identity. Easy to integrate, effortless to scale.

See how simple identity management can be. Start today!
Free Trial
Contact Sales