The requirement is to keep some users from accessing the self service portal (SSP). Administrators or help desk users manage the tokens for the users instead of the users managing their own tokens. An example would be third party contractors who need two factor authentication, but they should not be able to manage their own tokens.
Restricting access to the self service portal for certain groups is not possible.
As a work-around, it is possible to create a user group in VIP Manager that does not allow a credential to be added. Users who should be restricted would then be added to that group. Then have the administrator or help desk personnel generate a security token for the user that is good for the intended duration. The user can still login to the SSP, but is unable to add a credential.
Subscribing will provide email updates when this Article is updated. Login is required.