Administrators with the OTP Auth Manage All Users rights profile can use the otpadm command to manage the attributes that affect users' OTPs. Regular users can manage the keys for their own account, but an administrator must install the OTP package and assign an otp PAM policy to the user.
To configure per-user OTP, you must be assigned the User Management rights profile.
The administrator is responsible for configuring any OTP attributes that should not inherit the default values. Users who set their own secret keys can also set their OTP attributes.
Typically, the default attribute values are adequate. For a description of the attributes, see the otpadm(8) man page.