Article Content
Article Number | 000038915 |
Applies To | RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager RSA Version/Condition: 8.x |
Issue | The following error displays while authenticating from a client, such as an F5 BIG IP APM, configured for Risk-Based Authentication. User is not enrolled for any of the allowed identity confirmation authentication methods |
Resolution | This error happens when:
This error occurs during initial authentication with silent collection disallowed. It can also occur with silent collection allowed, but after the silent collection period has expired and without configuring a secondary challenge method. If silent collection is not allowed, users must be instructed to configure their secondary challenge methods using the Self-Service Console before their first RBA authentication. If silent collection is allowed, then risk-based enabled clients will prompt a user to set up their identity confirmation method after a high assurance authentication (for example, from a known device). If this has not been done before the silent collection period ends, then the user must use the Self-Service Console to configure their identity confirmation method. |
Notes | Identity confirmation methods can be security questions, On-Demand Authentication, or both. |