PSD1198 – Use PIP to Import Yubico tokes to PAS DB


  • PhenixID Identity Provisioning (PIP) 6.0.0 or later
  • PhenixID Authentication Server 4.0.0 or later
  • Yubico seed file created according to this document


This PSD will contain an example policy for converting and importing a Yubico seed file into the PAS database. The policy will also create an export file similar to the one created by “test-tool”, if necessary.

Please note that there will be no check if a token already is present in the SQL or not. Tokens will always be imported.

Add action for PAS Encryption

Download the PAS Encryption action and place it in <PIP root folder>/actionPackages/customer

Download the dependency jar-file and place it in <PIP root folder>/actionPackages/ext

Import Policy “Import Yubico token in SQL”

Download Import Yubico token in SQL.aax and have it imported in Identity Provisioning.

Adjust the file data source “Yubico-export” to point to your exportfile.

Adjust the settings for SQL data source “sqlexpress” to match the database used by PAS.

If a different SQL than MSSQL is used, the action the SQL command in action “Generate GUID from MSSQL” has to be adjusted.

Edit the location for the output file in action “Create tokens.yubico”

Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID -