Authentication failed error when attempting to log in to the RSA SecurID Access Cloud Administration Console

4 years ago

Originally Published: 2020-02-24

Article Number

000042711

Applies To

RSA Product Set: RSA SecurID Access
RSA Product/Service Type: Cloud

Issue

After enabling additional (step-up) authentication for the Cloud Administration Console, or after changing a setting, such as the Access Policy for additional authentication or the Assurance Level that it uses, one or more administrators are unable to log in to the Cloud Administration Console.

The following error shows when attempting to log in to the console after using the Forgot Password link:

Authentication failed

Cause

The Access Policy that is configured for step-up authentication denies the authentication. Some examples of why this may occur include:

The user is not in a target population that is configured in the Access Policy that can access the Cloud Administration Console.
The login attempt matches a Deny Access rule that is configured in the Access Policy. For example, logging in from a country that is denied access, or the user's network is not on the Trusted Network list.
The login attempt matches an Authenticate rule, but the configured Assurance Level only allows authentication methods that are not available to the administrator's user. For example,
- Approve when the administrator's user does not have a registered RSA Authenticate app device, or
- RSA SecurID when the administrator's user does not have an assigned RSA SecurID token.

Resolution

Follow the instructions for Troubleshooting Cloud Administration Console Issues to resolve the issue.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change