000036224 - Authentication error occurs when additional authentication is required for RSA SecurID Access application portal or a protected application

Document created by RSA Customer Support Employee on Apr 7, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036224
Applies ToRSA Product Set:  SecurID Access
IssueWhen attempting to access the IDR-hosted application portal with additional authentication required (or an application in the portal that requires additional authentication) an error occurs:

"Authentication error"

User-added image

The /var/log/symplified/symplified.log includes a message like:

2018-04-05/18:50:20.627/UTC [ajp-bio-8009-exec-7] WARN com.symplified.service.appliance.cloudmfa.CloudMFAUtils[37] - Failed strong authentication: AUTHN_ATTEMPT_ID_NOT_FOUND

CauseThe user is in an associated LDAP identity source but has not been synced to the cloud yet.
ResolutionFollow the steps in Manually Synchronize an Identity Source for the Cloud Authentication Service to create a record of the user in the SecurID Access cloud service.
Additionally, ensure that the user has the ability to perform the required additional authentication.  For example, see RSA SecurID Authenticate Device Registration Overview if approve (push notification) or authenticate tokencodes are allowable authentication methods.