|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager SDK
RSA Version/Condition: 8.x
|Issue||The following error displays after performing all steps in article 000034753 - Configure RSA Authentication Manager 8.x software developer kit (SDK):|
ERROR: com.rsa.authn.AuthenticationCommandException: Access Denied
|Cause||The error occurs for the following reasons:|
- The Security Console administrator is not a member of the internal database, but rather, belongs to an external identity source.
- The user entered invalid Security Console login credentials, such as an invalid username or password.
Create a super admin in the internal database
- Log in to the Security Console with a super admin user.
- Go to Identity > Users > Add New.
- Create a user by filling out all required fields and other details, if needed.
- Click Save.
- Go to Administration > Administrative Roles > Manage Existing.
- Scroll to SuperAdminRole and from the context arrow, select Assign More.
- Search for the new user created in step 3.
- Place a check in the box next to the user ID and click Assign to Role.
Submit the correct credentials into the SDK
If you are using the SDK sample code as discussed in 000034753 - Configure RSA Authentication Manager 8.x software developer kit (SDK), then the Program Arguments consists of three inputs, which are separated by spaces. The first input is the action (for example, create, assign, list-users, etc.). The second is the name of the new super admin created above. The third input is that user's password. For example,
list-users superadmin P@55w0rd
|Notes||Other than the sample code, the super admin username and password may be put into a different method depending on the code.|