RSA Authentication Manager Log Messages - 23061
The following table lists AM log messages based on the event category and action ID. It also lists the corresponding action key, description, and log message. The log message has placeholders in the “{number}” format, which represents actual data in the logs and Activity Monitor.
Use this table to understand simple network management protocol (SNMP) trap information captured by a network management system. For more information on the information displayed by the object identifier structure (OID) in the SNMP trap, see RSA Authentication Manager SNMP.
Event Category | Action ID | Action Key | Description | Message |
eventAuthn | 23061 | EAP32_NEW_PEPPER | EAP-32 Authentication | User “{0}” received new EAP-32 Pepper |
eventAuthn | 23062 | TOKEN_EXPIRED | Token Expired | Token serial number “{16}” assigned to user “{0}” in security domain “{1}” from identity source “{2}” is expired |
eventAuthn | 23066 | AUTHMGR_SMS_PIN | PIN change attempted for On-Demand Tokencode Service | User “{0}” in security domain “{1}” from identity source “{2}” attempted to change pin for On-Demand Tokencode Service |
eventAuthn | 23067 | AUTHMGR_SMS_PASSCODE | Authentication attempted | Passcode reuse or previous token code detected for user “{0}” in security domain “{1}” from “{2}” identity source. Request originated from agent “{3}” with IP address “{4}” in security domain “{5}” with protocol version “{2}”. Authentication method: “{6}” ; Authentication policy exp: “{7}” |
eventAuthn | 23068 | AUTHMGR_SMS_NEW_PIN | New pin mode activated for On-Demand Tokencode Service | New pin mode activated for On-Demand Tokencode Service for user “{0}” in security domain “{1}” from “{2}” identity source |
eventAuthn | 23069 | AUTH_AGENT_TRUSTED | Authentication agent access check | Verifying trusted user “{0}” in security domain “{1}” from identity source “{2}” is allowed access to agent “{3}” with IP address “{4}” in security domain “{5}” |
eventAuthn | 23070 | AUTOREG_UPDATE_FAILED | Agent update failed | Auto-registration update for the agent “{3}” with IP address “{4}” in Security Domain “{5}” |
eventAuthn | 23071 | AUTH_FAILED_BAD | Authentication attempted | Bad tokencode ; but good PIN detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source |
eventAuthn | 23072 | AUTH_FAILED_BAD_PIN | Authentication attempted | Bad PIN ; but good tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source |
eventAuthn | 23073 | AUTH_FAILED_BAD_PIN | Authentication attempted | Bad PIN ; but previous tokencode detected for token serial number “{16}” assigned to user “{0}” in security domain “{1}” from “{2}” identity source |
eventAuthn | 23074 | TR_R_AUTHMGR_NTC | Trusted realm next token code accepted | Next tokencode mode accepted for token serial number “{11}” assigned to user “{0}” in security domain “{1}” from the trusted realm “{8}”. |
eventAuthn | 23079 | AUTHN_ARTIFACT | Authentication artifact validation | Authentication artifact validation on agent “{3}” with IP address “{4}” in security domain “{5}” for user “{0}” in security domain “{1}” from “{2}” identity source |
eventAuthn | 23080 | AUTH_AGENT_DOESNT | SecurID credential type not accepted | Received a SecurID credential ; which the agent is configured to not accept. Agent “{3}” with IP address “{4}” in security domain “{5}”. |
eventAuthn | 23081 | AUTHN_ARTIFACT | Generate Authentication Artifact | Authentication artifact was generated for principal “{0}” stored in identity source “{2}” managed in security domain “{1}” |
eventAuthn | 23089 | TR_R_VIA_PRINCIPAL_NOT_DISCOVERED | Discover the user | The user “{0}” could not be discovered in the RSA trusted realm |
eventAuthn | 23090 | TR_R_VIA_OTP_VERIFICATION_FAIL | Verify Authenticate Tokencode | Authenticate Tokencode verification failed for the user “{0}” |
eventAuthn | 23091 | TR_R_VIA_OTP_NODE_SECRET_UNAVAILABLE | Agent node secret verification | Verifying the node secret for the agent “{3}” with IP address “{4}” in security domain “{5}” |
eventAuthn | 23117 | REST_CHECK_AUTH_ACCESS_KEY_IS_DEPRECATED_UNKNOWN | Agent Credentials Usage | Agent with IP "{7}" used credential with Access ID "{6}" |
Related Articles
How to resolve 'EXP-00000: Export terminated unsuccessfully' error encountered during Oracle Export in Thor Xellerate Number of Views Authentication Manager Log Messages (23001-23091) Number of Views RCM 6.7 shows vulnerabilities with Apache 1.3.33 Number of Views SOFTWARE_TOKEN_NOT_AVAILABLE_IN_SYSTEM_WITH_EXP_CRITERIA error although tokens exist in RSA Authentication Manager 8.x Number of Views Data Purging process (as part of Data Archiving) fails with ORA-01722 in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
