ESET Online Help

Search English
Select the topic

Using ESA in EMA 2

What is ESET Secure Authentication (ESA)

ESET Secure Authentication is an additional security layer to your network. It generates a one-time password (OTP) the user has to use along with the required username and password. MSP partners can distribute ESA licenses similarly to other ESET products.

ESA in ESET MSP Administrator 2

ESA licenses are used in MSP Administrator similarly to other products. You can create a customer, select products and create licenses. There are two ways to activate the ESA product with EMA 2 license:

Use your EMA 2 user name and password to activate ESA.

Use the ESA SDK Key and Secret.



In EMA 2, users cannot use SMS to distribute the OTPs. OTPs can be distributed via:

ESA mobile application

Push Authentication

Hard tokens, Time-Based Hard tokens

OTP received via custom delivery option

The restriction is valid for both ESA SDK and ESA Server users.


ESA units are billed based on units ordered, not on units actually used. For example, if you order 10 units and the license is used to activate 5 units, you are still billed for 10 units.


To incorporate ESA SDK in a customer's infrastructure, you have to use the ESA API Key and ESA API Secret. ESA SDK uses the first 5 characters of the ESA Key in the Seat Name for easier identification. The Seat Name can be changed later.

Prerequisites for ESA SDK:

There is an ESA license associated with the customer.

The User must have Write access rights to the customer.


To generate the ESA API Key and Secret, follow the steps below:

1.Log in to the EMA 2 Portal.

2.Click Companies > click the company name where you want to use ESA SDK.

3.Click Licenses, select the ESA license and click ESET Secure Authentication SDK.


4.Click Activate to generate a new key pair.


5.Your Key and Secret are displayed. Copy them locally so you can use them later.


Revoke a key

You can revoke a Key and Secret. When you revoke a key, the devices using those keys cannot use it anymore and the units of usage are returned to zero. The license is unaffected.

To revoke a Key pair, follow steps below:

1.Navigate to Companies > select the company where you want to use ESA SDK.

2.Navigate to Licenses > click the ESA license > select ESET Secure Authentication SDK.

3.Click the key you want to revoke and select Revoke from the menu.


Activated units

If you create an SDK API key or use your MSP Administrator (EMA 2) username and password to activate a device, the device and seat appear in the Activated devices window. Each ESA unit is protected by 2FA.

The Seat name is assigned automatically, but you can change it:

1.Navigate to Activated units.


2.Click the seat > Change seat name.


The ESA SDK seats are displayed also in the Licenses > ESA SDK view, and the changed name is automatically updated there as well. SDK Seats contain first 5 characters of SDK Key for identification.