This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
JimmyTran1
Beginner
Beginner
‎2017-07-05 10:30 AM

RSA SecurID Authentication - REST API

Jump to solution

Hi,

I'm looking to implement RSA authentication using the REST API. I was able to make the call against AM but it's returning back with -

 

"credentialValidationResults":[{"methodId":"SECURID","methodResponseCode":"FAIL","methodReasonCode":"VERIFY_ERROR","authnAttributes":[]}],"attemptResponseCode":"FAIL","attemptReasonCode":"VERIFY_ERROR","challengeMethods":{"challenges":[]}

 

I'm pretty certain I'm putting in the correct subjectId (username) and the generated token after I entered in my PIN. I looked through the PDF documentation but couldn't find anything related to this error.

 

Any idea?

 

Thanks

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
JimmyTran1
Beginner
Beginner
In response to TedBarbour
‎2017-07-06 03:34 PM

Jump to solution

Thanks Ted. Unfortunately, I did not have access to those logs. I had to get my systems team involved in the troubleshooting process. We were able to resolve it with tech support help. The issue was related to the clientId field, it had to have FQDN.

View solution in original post

Reply
3 Replies
TedBarbour
Employee
Employee
‎2017-07-06 03:14 PM

Jump to solution

Hi Jimmy Tran - did you check for authentication activity messages at the Authentication Manager?

Also, for troubleshooting purposes you might enable the user you are testing with to use a simple fixed passcode.   This would help ensure you are correctly providing a valid passcode.

Reply
JimmyTran1
Beginner
Beginner
In response to TedBarbour
‎2017-07-06 03:34 PM

Jump to solution

Thanks Ted. Unfortunately, I did not have access to those logs. I had to get my systems team involved in the troubleshooting process. We were able to resolve it with tech support help. The issue was related to the clientId field, it had to have FQDN.

Reply
PiersB
Trusted Contributor Trusted Contributor
Trusted Contributor
In response to JimmyTran1
‎2017-07-17 06:44 PM

Jump to solution

You are correct, the "clientId" must be a named agent in the database as outlined in the RSA SecurID Authentication API Developer's Guide.

 

Just to clarify, although the "clientId" has to contain an agent name, it is not required to contain the FQDN of the agent. The client calling the API may choose to provide a logical name like "VPN Cluster Node" instead and use that logical name on all appropriate client systems. Agents are no longer required to have an IP address and can be a "logical" agent for access control purposes.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.