RSA SecurID Access Cloud Authentication Service authentication fails with HTTP 500 Internal Server error
Originally Published: 2018-04-05
Article Number
Applies To
RSA Product/Service Type: Identity Router
RSA Version/Condition: all
Issue
It is very important to capture this type of problem happening while the Identity Routers (IDRs) are set to Debug level logging.
Cause
- An HTTP 500 Internal Server Error is defined as part of the HTTP protocol standard and is returned by an HTTP server to the HTTP client (usually, a web browser) when "...the [HTTP] server encountered an unexpected condition that prevented it from fulfilling the request." (RFC 7231). HTTP 500 is a generic error code that requires further investigation to try to determine what the condition actually was that triggered it.
- If HTTP 500 is encountered during an authentication with the RSA Cloud Authentication Service, it may have originated from either the RSA Identity Router, or the application that the user is attempting to access, or another server that is participating in the authentication process.
- This article focuses on investigating the RSA Identity Routers as the possible source of an HTTP 500 error. Additional steps outside the scope of this article may be required to check for possible issues with the application and other non-RSA servers.
Workaround
- Set all RSA Identity Routers (IDRs) in the deployment into Debug logging mode. See the RSA Cloud Administration Console online help for instructions to Set the Identity Router Logging Level.
- Reproduce the problem one or more times while the IDRs are in Debug logging mode. Note the date and time this was done.
- Capture a screenshot of the HTTP 500 error shown in the end user's web browser, and be sure that the screenshot includes both the page content and the URL shown at the top of the browser page.
- reboot / restart any or all of the IDRs, to see if that fixes the issue
- backout any recent configuration changes made in the RSA Cloud Administration Console, and publish
Don't forget to set the IDRs back to Standard logging mode when you have finished gathering data.
For further assistance, contact RSA Support and provide bundle logs from all IDRs in the deployment; date, time and timezone the issue was reproduced; screenshots of the HTTP 500 error in the web browser; plus other items as advised by the RSA Knowledgebase article Troubleshooting end user authentication failures with the RSA SecurID Access Cloud Authentication Service .
Related Articles
Error: 'HTTP 500 - Internal Server Error' while performing WebSSO between Asserting Party (AP) and Relying Party (RP) Number of Views Internal Server Error displays when logging in to the RSA SecurID Access portal Number of Views RSA Identity Governance & Lifecycle requests stuck in "Pending Verification" state when using Entitlement Requires Account… Number of Views Console and web tier virtual host certificates no longer trusted by Google Chrome 58.0.3029.81 in RSA Authentication Manag… Number of Views 'Could not deserialize result from HTTP invoker remote service' error when opening/editing workflows in RSA Identity Gover… Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
