In order for the MobileID app to work, you will need to be able to add a token to the phone.  In the page titled  Basic setup for testing of OTP [Mobile-ID], we demonstrated how to create the token, display and scan the QR code, on the DualShield Management Console.

Obviously the end users will not have access to the DMC, therefore we need to be able to send a link via SMS or email in order to push the token to the phone.

This can only be achieved by setting up the DualShield Provisioning Server and Message Gateway:  If you have not already done this then use the follwing guides to set up these components:

Setup of Provisioning server: Provisioning Service Portal [PSP]

Setup of the Message Gateways: Message Gateways [MC-MG]

Once these two components have been set up,  there are two methods of provisioning.  One is manual the other is automatic.

Pushing out the token Manually:

Locate the users account on the DMC and list the tokens.  From the token list, clip on corresponding drop down arrow of the token you whish to push and choose push in the menu that comes up and choose the method you wish the end user to receive the token.


Pushing out the token Automatically:

The token can also be pushed out automatically at the time of it being created.  This will need to be enabled in the policy settings.

Select MobileID/Time-based from the categories:


You now need to edit the policy:



Under Token Provisioning, choose 'Automatically Provision token' from the drop down.


Under 'Token Activation select from the three available option settings;


This option allows the system administrator to determine the action to be taken when a token is created or assigned to a user.

  • Automatically active the token when created or assigned
    The token is automatically activated and usable as soon as it is created or assigned to the user.

  • Send Activation Code to the user when crated or assigned
    The token is not activated after it is created or assigned, and not usable until it is activated by the user.
    DualShield will automatically send an Activation Code to the user via the specified Message Channel.

  • Do Nothing
    The token is not activated after it is created or assigned, and not usable until it is activated by the user. And DualShield will not send an Activation Code to the user.


For the purposes of this example I have selected 'Automatically activate the token when created or assigned'.


Under Token/Client Deployment select 'Automatically push' and choose the appropriate delivery methods: