User Event Monitor Messages for the Cloud Authentication Service

Document created by RSA Information Design and Development on Jul 14, 2016Last modified by Andrea Taylor on Nov 17, 2017
Version 21Show Document
  • View in full screen mode

 

The following messages are triggered by user events and appear in the User Event Monitor.

                                                                                                                                                                                                                                                                                                                    

Event CodeLevelTypeCategoryDescription
2noticeuserAuthenticationMethod now locked.
3noticeuserAuthenticationMethod unlocked - User successfully authenticated.
20erroruserAuthenticationMethod enrollment failed - Required parameter missing.
21erroruserAuthenticationMethod enrollment failed - User does not exist.
22erroruserAuthenticationMethod enrollment failed - User account inactive.
23erroruserAuthenticationMethod enrollment failed - Sign-in device not registered to user.
24erroruserAuthenticationMethod enrollment failed - Provider type not found.
30erroruserAuthenticationAuthentication failed - Required parameter missing.
31erroruserAuthenticationAuthentication failed - User does not exist.
32erroruserAuthenticationAuthentication failed - User account inactive.
33erroruserAuthenticationAuthentication failed - Application not found.
34erroruserAuthenticationAuthentication failed - Rule not found.
35erroruserAuthenticationAuthentication failed - Method locked.
36erroruserAuthenticationAuthentication failed - Device not registered or authentication method not enrolled.
51erroruserAuthenticationAuthentication failed - Device not registered.
52erroruserAuthenticationAuthentication failed - Cannot push notification to device.
53erroruserAuthenticationAuthentication failed - Internal verification interrupted.
101noticeuserAuthenticationAuthenticate Tokencode enrollment succeeded.
102erroruserAuthenticationAuthenticate Tokencode enrollment failed - Authentication device not registered to user.
103noticeuserAuthenticationAuthenticate Tokencode authentication succeeded.
104erroruserAuthenticationAuthenticate Tokencode authentication failed - Invalid tokencode.
105erroruserAuthenticationAuthenticate Tokencode authentication failed - Previously used tokencode detected.
106noticeuserAuthenticationIdentity router API tokencode request sent to hosted service.
107noticeuserAuthenticationIdentity router API tokencode response received - Authentication succeeded.
108erroruserAuthenticationIdentity router API tokencode response received - Authentication failed.
109erroruserAuthenticationIdentity router API tokencode authentication failed - User not found in identity source.
110erroruserAuthenticationIdentity router API tokencode authentication failed - Username is associated with multiple user accounts.
111erroruserAuthenticationIdentity router API tokencode authentication failed - User account disabled in identity source.
112erroruserAuthenticationIdentity router API tokencode authentication failed - User email address not found in identity source.
113erroruserAuthenticationIdentity router API tokencode authentication failed - Identity source unreachable.
114erroruserAuthenticationIdentity router API tokencode authentication failed - Hosted service unreachable.
115erroruserUser StatusIdentity router API user status check - User not found in identity source.
116erroruserUser StatusIdentity router API user status check - Username is associated with multiple user accounts.
117erroruserUser StatusIdentity router API user status check - Identity source unreachable.
201noticeuserAuthenticationLDAP password authentication succeeded.
202erroruserAuthenticationLDAP password authentication failed - Unknown cause.
203erroruserAuthenticationLDAP password authentication failed - Request timed out or identity router is not connected.
204erroruserAuthenticationLDAP password authentication provider enrollment failed - Missing email or password.
205erroruserAuthenticationLDAP password authentication provider enrollment failed - Unknown cause.
206erroruserAuthenticationLDAP password authentication failed - Provider configuration in the Cloud Authentication Service is incorrect for this user.
207erroruserAuthenticationLDAP password authentication failed - Provider configuration in the Cloud Authentication Service is incorrect for this user.
208erroruserAuthenticationLDAP password authentication failed - Missing email or password.
211erroruserAuthenticationLDAP password authentication failed - LDAP server host unreachable. Invalid port or server is not running.
212erroruserAuthenticationLDAP password authentication failed - LDAP server host unresolvable.
213erroruserAuthenticationLDAP password authentication failed - Cannot establish a trusted SSL connection with the LDAP directory server. Check for invalid certificate.
215erroruserAuthenticationLDAP password authentication failed - Sign-in failure: unknown username or invalid password.
216erroruserAuthenticationLDAP password authentication failed - LDAP account restriction, for example sign-in time or policy restriction is enforced.
217erroruserAuthenticationLDAP password authentication failed - Time restriction prevents sign-in for this LDAP account.
218erroruserAuthenticationLDAP password authentication failed - LDAP account not permitted to authenticate through this identity router.
219erroruserAuthenticationLDAP password authentication failed - LDAP password expired.
220erroruserAuthenticationLDAP password authentication failed - LDAP account disabled.
221erroruserAuthenticationLDAP password authentication failed - LDAP account configuration prevents sign-in.
222erroruserAuthenticationLDAP password authentication failed - LDAP account expired.
223erroruserAuthenticationLDAP password authentication failed - LDAP password must be changed using your company's internal procedures.
224erroruserAuthenticationLDAP password authentication failed - LDAP account locked out.

225

error

user

Authentication

LDAP password authentication failed - LDAP password locked for specified lockout duration.

300noticeuserAuthenticationFIDO Token enrollment succeeded.
301erroruserAuthenticationFIDO Token enrollment failed - User reached maximum token limit.
302erroruserAuthenticationFIDO Token enrollment failed - FIDO protocol error.
303erroruserAuthenticationFIDO Token enrollment failed - RSA SecurID Access service error.
304erroruserAuthenticationFIDO Token enrollment failed - Unknown error.
316erroruserAuthenticationFIDO Token name update failed – Token name cannot be blank.
317erroruserAuthenticationFIDO Token name update failed – Token name exceeds 255 characters.
318erroruserAuthenticationFIDO Token name update failed – Token name is already in use.
340noticeuserAuthenticationFIDO Token authentication succeeded.
341erroruserAuthenticationFIDO Token authentication failed - FIDO protocol error.
342erroruserAuthenticationFIDO Token authentication failed - RSA SecurID Access service error.
343erroruserAuthenticationFIDO Token authentication failed - Unknown error.
601noticeuserAuthenticationRSA SecurID user authentication succeeded.
602noticeuserAuthenticationRSA SecurID user authentication succeeded - New PIN accepted.
603noticeuserAuthenticationRSA SecurID user authentication - Requires new PIN.
604noticeuserAuthenticationRSA SecurID user authentication - Requires next tokencode.
605erroruserAuthenticationRSA SecurID user authentication failed - Invalid passcode.
606erroruserAuthenticationRSA SecurID user authentication failed - Invalid next tokencode.
607erroruserAuthenticationRSA SecurID user authentication failed - Invalid PIN.
608erroruserAuthenticationRSA SecurID user authentication failed - RSA SecurID service is not available.
609erroruserAuthenticationRSA SecurID user authentication failed - Unknown cause.
701noticeuserAuthenticationApprove authentication succeeded.
702erroruserAuthenticationApprove authentication failed - User response timed out.
703erroruserAuthenticationApprove authentication failed - User denied approval.
704erroruserAuthenticationApprove enrollment failed.
707noticeuserAuthenticationApprove enrollment succeeded.

709

error

user

Authentication

Approve authentication failed - All in-progress authentication requests canceled.

801noticeuserAuthentication

Device Biometrics authentication succeeded.

802erroruserAuthentication

Device Biometrics authentication failed - User response timed out.

803erroruserAuthentication

Device Biometrics authentication failed - User fingerprint verification failed.

804erroruserAuthentication

RSA SecurID Access enrollment for Device Biometrics failed.

805erroruserAuthentication

Device Biometrics authentication failed - Unexpected error.

806noticeuserAuthentication

RSA SecurID Access enrollment for Device Biometrics succeeded.

807noticeuserAuthentication

RSA SecurID Access unenrollment for Device Biometrics succeeded - Device unenrolled.

901noticeuserAuthenticationPortal sign-in succeeded.
902erroruserAuthenticationPortal sign-in failed - Authentication failed.
903erroruserAuthenticationPortal sign-in failed - Credentials are associated with multiple user accounts.
904erroruserAuthenticationPortal sign-in failed - Internal server error.
905erroruserAuthenticationPortal sign-in failed - Concurrent session limit reached.
906erroruserAuthenticationPortal sign-in failed - Password reset required.
907noticeuserAuthenticationPortal sign-out succeeded.
908noticeuserAuthenticationProtected application authentication attempt made.
909noticeuserAuthenticationProtected application authentication succeeded.
910erroruserAuthenticationProtected application authentication failed.
911noticeuserAuthenticationStep-up authentication initiated.
912noticeuserAuthenticationStep-up authentication succeeded.
913erroruserAuthenticationStep-up authentication failed.
932erroruserAuthenticationStep-up authentication failed - User account inactive.
933erroruserAuthenticationPassword authentication succeeded - Client does not support required additional authentication methods - Access denied.
934noticeuserAuthenticationPassword authentication succeeded.
935erroruserAuthenticationUnsuccessful password authentication – Access denied.
936erroruserAuthenticationUnsuccessful password authentication - Credentials are associated with multiple user accounts.
937erroruserAuthenticationUnsuccessful password authentication - Internal server error.
938erroruserAuthenticationUnsuccessful password authentication - Concurrent session limit reached.
939noticeuserAuthorizationPassword authentication succeeded - Policy does not require additional authentication - Access granted.
940erroruserAuthorizationPassword authentication succeeded - User prohibited by policy settings - Access denied.
941erroruserAuthorizationPassword authentication succeeded - Access prohibited by conditional policy settings - Access denied.
3000noticeuserDevice ManagementDevice registration succeeded.
3001erroruserDevice ManagementDevice registration failed.
3002erroruserDevice ManagementDevice registration unsuccessful. Maximum limit (1) for devices reached.
5107noticeuserAuthenticationRSA SecurID Access admin password changed.
20201noticeuserAuthenticationEyeprint Verification authentication succeeded.
20202erroruserAuthenticationEyeprint Verification authentication failed - User response timed out.
20203erroruserAuthenticationEyeprint Verification authentication failed - User Eyeprint verification failed.
20204erroruserAuthenticationRSA SecurID Access enrollment for Eyeprint Verification failed.
20205erroruserAuthenticationEyeprint Verification authentication failed - Unexpected error.
20206noticeuserAuthenticationRSA SecurID Access enrollment for Eyeprint ID succeeded.
20207noticeuserAuthenticationRSA SecurID Access unenrollment for Eyeprint ID succeeded.
20208noticeuserAuthenticationRSA SecurID Access rule-retrieved for Eyeprint.
20209noticeuserAuthenticationRSA SecurID Access unenrollment for Eyeprint failed.
20400noticeuserAuthenticationSAML IdP - Authentication request received.
20401noticeuserAuthenticationSAML IdP - Assertion sent for successful user authentication.
20402erroruserAuthenticationSAML IdP - Response sent for unsuccessful user authentication.
20403erroruserAuthentication

SAML IdP - Error response sent.

20601erroruserAuthenticationRADIUS - LDAP authentication succeeded - Policy contains no RADIUS-compatible methods for additional authentication - Access denied.
20602erroruserAuthenticationRADIUS - LDAP authentication succeeded - No user device registered for required additional authentication methods - Access denied.
20603erroruserAuthenticationRADIUS - Invalid format for additional authentication request - Access denied.
20604erroruserAuthenticationRADIUS - Invalid checklist attributes - Access denied.
20605erroruserAuthenticationRADIUS - Hosted Authentication Service unreachable - Access denied.
20606erroruserAuthenticationRADIUS – Approve authentication failed – Method timeout.
20607erroruserAuthentication

RADIUS - Eyeprint ID authentication failed - Method timeout.

20608erroruserAuthentication

RADIUS - Fingerprint authentication failed - Method timeout.

20609erroruserAuthenticationRADIUS - Authentication failed - Internal error.
20701erroruserAuthenticationAccess denied – User not a member of any identity source in access policy.
20702erroruserAuthenticationAccess denied – User does not match rule set in access policy.
20703erroruserAuthenticationAccess denied – Policy authentication conditions deny access.
20801erroruserAuthenticationSMS Tokencode message transmission attempted.
20802erroruserAuthenticationSMS Tokencode message transmission attempt failed - Invalid phone number.
20803erroruserAuthenticationSMS Tokencode message transmission attempt failed - Error.
20804erroruserAuthenticationSMS Tokencode regenerated.
20851noticeuserAuthenticationVoice Tokencode call attempted.
20852erroruserAuthenticationVoice Tokencode call attempt failed - Invalid phone number.
20853erroruserAuthenticationVoice Tokencode call attempt failed.
20900noticeuserAuthenticationOIDC - Authentication request received.
20901noticeuserAuthenticationOIDC - ID Token sent for successful user authentication.
20902erroruserAuthenticationOIDC - Response sent for unsuccessful user authentication.
20903erroruserAuthenticationOIDC - Error response sent.
21901noticeuserAuthenticationSMS Tokencode verification succeeded.
21902erroruserAuthenticationSMS Tokencode verification failed.
21903erroruserAuthenticationSMS Tokencode authentication method locked - User exceeded maximum tokencodes allowed.
21953erroruserAuthenticationVoice Tokencode authentication method locked - User exceeded maximum tokencodes allowed.

 

 

 

 

 

You are here

Table of Contents > Logging > User Event Monitor Messages for the Cloud Authentication Service

Attachments

    Outcomes