For RSA tokens, when user tries to log in for the first time, they are asked to change the token PIN(passcode). Once user changes the PIN then only they can login. To change the PIN application [Third Party] should provide the user with a page to set the new PIN. Once user hits the submit button, application needs to invoke siteminder java API which should set the new PIN for the user's RSA token.

Is there a SiteMinder API to reset RSA token passcode of the user?

Release:
Component: SMSDK

We do not have any specialized APIs for RSA token generation. You will need to check with RSA to see if they have such an API that you can use and incorporate into your custom agent. You might need to do something like protect a resource with one of the token auth schemes, get a failed return code from the Agent API login call and then handle PIN management using RSA's APIs.