Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000035369 - RSA Authentication Manager On-Demand Authentication (ODA) failing with the following error: User provided incorrect On-Demand Service PIN while requesting tokencode.

Document created by RSA Customer Support

on Jul 20, 2017

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000035369
Applies To	RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager
Issue	On-Demand Authentication (ODA) failing with the following error shown in the authentication activity report: Date & Time: 2017-07-10 11:16:03.89 Log Level: ERROR Activity Key: Principal authentication Description: User <user ID> attempted to authenticate using authenticator “OnDemand”. The user belongs to security domain “<security domain>" Action Result Key: Failure Result Key: SMS_METHOD_FAILED_PIN_STAGE Result: Authentication method failed. User provided incorrect On-Demand Service PIN while requesting tokencode. User ID: <user ID> User First Name: <user first name> User Last Name: <user last name> User Security Domain: <user security domain> User Identity Source Name: <user identity source name> Agent Type: 8 Agent Name: N/A Agent IP: N/A Agent Security Domain: N/A Authentication Method: OnDemand Policy Expression: (RSA_Password/LDAP_Password)+RBA Argument 1: AUTHN_LOGIN_EVENT Argument 2: N/A Argument 3: N/A Argument 4: N/A Argument 5: N/A Argument 6: N/A Argument 7: N/A Argument 8: 80022261191ca8c01c595263cb1d51dd Argument 9: <user mobile number> Argument 10: N/A Instance Name: <instance name> Client IP: <client IP address> Server Node IP: <server node IP address> Additional Information: N/A Actor GUID: <actor GUID> Session ID: <session ID> Agent GUID: N/A
Cause	An incorrect on-demand PIN was entered.
Resolution	Have the end user try again with the correct PIN. If the end user does not remember the PIN, Access the Security Console and choose one of the two options: From the Quick User Search, bring up the user who is having an issue. Alternatively, search for the user and click on the drop down arrow next to the result and click SecurID Tokens. Under On-Demand Authentication (ODA), click Manage. Next to Associated PIN, check the option to Clear existing PIN and set a temporary PIN for the user. An example temporary PIN could be the user's initials and last four digits of their mobile number. Click Save when done. Communicate this new PIN to the user. Have them attempt to authenticate again to verify the fix.

Attachments

Outcomes

0 Comments

Recommended Content