Delegating access for requesting seeds and accessing tools

The seeds are  sensitive information and can be requested only by the users listed as authorized to receive them. Whoever places the order is considered authorized.  We have added a new customer area improvement, that allows the order’s owner to delegate access for requesting the factory-set secrets/seeds of the TOTP tokens. The same procedure should be employed to delegate access to various tools, namely the ones with the access limited exclusively to the product owners.


This article describes delegating access to the seeds to additional users (email addresses). The process of the seed request itself is described in details here.


Navigate to the associated order and click the "manage access to users" button on the top right side of the order.




Specify the  additional authorized email addresses. Every email address should be entered on a new line




To access the orders and request the seeds, users have to create a Token2 customer account with a matching email address.




Orders previously made in guest mode using your email address and delegated orders will appear under the newly created account.
Request the seeds by clicking “request the seeds” button. The seeds for the tokens can be in multiple formats,
including an Azure MFA compatible CSV file, encrypted with a PGP or GPG public key or in a password-protected zip file




The order's price details are not visible for delegated email addresses. It should also be noted that when the email address is removed from the modify access list of the order, this order will disappear from this customer's account created under this email address.