SecurID®
This is the primary landing page for SecurID, where customers and partners can find product documentation, downloads, advisories, forums and other helpful resources for the product.
Article Number
000068083
Applies To
RSA Cloud Authentication Service - all versions
Issue
The RSA Cloud Authentication Service can be configured as a SAML Identity Provider, using one of the following RSA features:
- IDR-based SAML (SSO Portal)
- My Page SAML Application (Cloud-based SSO)
- Relying Party SAML
This article provides steps to gather data about a SAML authentication problem to send to Support when further help is needed.
Task
General Troubleshooting Tips
Prior to engaging RSA, you can refer to the following resources for some troubleshooting tips and items to check, depending on the type of problem that is occurring:
- Troubleshooting Cloud Authentication Service User Issues includes tips for SecurID App Installation, Authenticator Registration, Applications, Authentication Methods and General issues.
- Troubleshooting Cloud Authentication Service Identity Source Synchronization
- Monitor Uptime Status for the Cloud Authentication Service
- Test Access to Cloud Authentication Service
- View Identity Router Status in the Cloud Administration Console
- Monitor User Events in the Cloud Administration Console to check for failure reasons in the event messages logged here for user authentications.
- SecurID® Integrations. Search this page for your application's vendor name to see if there is an RSA Ready Integration Guide that explains how to correctly configure SAML for your application.
Resolution
Troubleshooting Data to send to RSA
Always send RSA the Basic Information items listed below. Other items should also be sent if they may be relevant to the problem or if requested by RSA. The time zone for all dates and times is a critical item, so that RSA can reliably correlate events end-to-end.
Basic Information
1. Reproduce the issue, or wait until it occurs. Send us the following data about the failed authentication:
   - User ID, date and time (with time zone) of an example of the problem.
2. For the specific authentication failure at step 1, also provide:
   - Screenshot(s) and/or video of the attempt. Make sure error messages and URLs are visible in the capture.
   - User Event Monitor events
   - Name and version of the application
   - Configuration details, e.g. which RSA feature, such as IDR-based SAML, is being used and what integration instructions were followed to configure both RSA and the application? Also provide screenshots of RSA Cloud Administration Console and application SAML configuration pages.
User Event Monitor Events
From the User Event Monitor, capture screenshot(s) of all events for the user around the date and time of the authentication attempt. Make sure the full text of all relevant events is captured. If all events do not fit into one screenshot, scroll to the bottom of the User Event Monitor page, set results per page to maximum, and then print the web page to a PDF file. Repeat for any additional pages. If the relevant events are no longer available in the User Event Monitor, you can instead Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU.
SAML Trace
A SAML trace can be captured using one of the following methods:
- How to capture web sessions using browser Developer Tools for troubleshooting purposes in all RSA products
- How to capture web sessions using Fiddler for troubleshooting purposes
Capture a SAML trace of the issue as follows:
1. Start tracing.
2. Reproduce the issue. Send us user ID, date and time (with time zone) of the attempt.
3. Stop tracing.
4. Save the trace to file and send us the trace file.
5. Send us the User Event Monitor events for the attempt at step 2 above.
6. Send us the time zone set for the machine or device where the SAML trace was captured.
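Before sending a trace, it helps to confirm that it actually contains the failing SAML exchange and to line its timestamps up with the User Event Monitor. The following is an added example, not RSA code: it assumes the trace was saved from browser Developer Tools as a HAR file whose POST bodies are in `postData.text`, and the hosts, IDs and timestamps in the sample capture are constructed.

```python
import base64, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlsplit

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

def decode_saml(value, redirect_binding):
    """Base64-decode; HTTP-Redirect binding messages are also raw-DEFLATE compressed."""
    raw = base64.b64decode(value)
    xml = zlib.decompress(raw, -15) if redirect_binding else raw
    if b"<!DOCTYPE" in xml:  # SAML never needs a DTD; refuse entity tricks
        raise ValueError("DOCTYPE in SAML message")
    return xml

def summarize(xml, captured_at):
    root = ET.fromstring(xml)
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    when = datetime.fromisoformat(captured_at.replace("Z", "+00:00"))
    return {
        "message": root.tag.split("}")[-1],
        "id": root.get("ID"),
        "issue_instant": root.get("IssueInstant"),  # SAML time values are UTC
        "captured_utc": when.astimezone(timezone.utc).isoformat(),
        "status": status.get("Value").rsplit(":", 1)[-1] if status is not None else None,
    }

def saml_messages(har):
    """Return one summary per SAMLRequest/SAMLResponse found in a HAR capture."""
    out = []
    for entry in har["log"]["entries"]:
        req = entry["request"]
        query = parse_qs(urlsplit(req["url"]).query)              # HTTP-Redirect binding
        form = parse_qs(req.get("postData", {}).get("text", ""))  # HTTP-POST binding
        for params, redirect in ((query, True), (form, False)):
            for key in ("SAMLRequest", "SAMLResponse"):
                for value in params.get(key, []):
                    out.append(summarize(decode_saml(value, redirect), entry["startedDateTime"]))
    return out

# Constructed sample capture (hypothetical hosts and IDs), recorded on a UTC+02:00 machine.
_NS = 'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
_REQ = f'<samlp:AuthnRequest {_NS} ID="_req1" IssueInstant="2024-05-01T12:03:07Z"/>'.encode()
_RESP = (f'<samlp:Response {_NS} ID="_resp1" IssueInstant="2024-05-01T12:03:21Z"><samlp:Status>'
         '<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/></samlp:Status></samlp:Response>').encode()
_z = zlib.compressobj(wbits=-15)
_redirect = urlencode({"SAMLRequest": base64.b64encode(_z.compress(_REQ) + _z.flush())})
_post = urlencode({"SAMLResponse": base64.b64encode(_RESP), "RelayState": "xyz"})
SAMPLE_HAR = {"log": {"entries": [
    {"startedDateTime": "2024-05-01T14:03:07.120+02:00", "request": {"url": "https://idp.example.test/sso?" + _redirect}},
    {"startedDateTime": "2024-05-01T14:03:21.480+02:00", "request": {"url": "https://sp.example.test/acs", "postData": {"text": _post}}}]}}
```

For a real capture, load the file with `json.load` and pass the result to `saml_messages`; the `captured_utc` values can then be compared directly with the User Event Monitor entries once those are also expressed in UTC.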
Identity Router Log Bundles
Identity Router (IDR) logs are useful when troubleshooting IDR-based SAML authentications, or functions provided by an IDR, such as Authentication Manager connectivity or identity source lookups. Logs usually have to be gathered from all IDRs in the Cloud tenant, as it is not possible to predict which IDR will be used, or was used, for an authentication.
1. Set the Identity Router Logging Level to Debug on all IDRs.
2. Reproduce the issue. Send us user ID, date and time (with time zone) of the attempt.
3. Set the Identity Router Logging Level to Standard on all IDRs. Do not leave IDRs in debug mode for longer than necessary as it will cause logs to rotate more quickly and data will be lost sooner.
4. Generate and Download the Identity Router Log Bundle from all IDRs. This must be done from each IDR's setup.jsp pages and not from the Cloud Administration Console.
5. Send us User Event Monitor events for the attempt at step 2 above.
Application Logs
Most SAML applications will also produce their own event logs. Send any such logs to RSA as they may contain information that is useful to RSA's troubleshooting. If you cannot send the SAML application's log files themselves, send screenshots or "print to PDF" of relevant events in the logs, around the time of an authentication failure. Be sure to tell us the time zone of the dates and times in the application's logs. Contact your application's support team if you are unsure where to find the application's logs.
Dears,
Can you please let me know what WebLogic is used for on RSA AM and RSA AM Web-Tier?
Can you please also let me know what the risk is if vulnerability CVE-2023-21839 is ever exploited?
What kind of data can be retrieved and/or corrupted?
Thanks
Currently we have a single OU for the computers and a single security group for the users. We have recently expanded the users beyond the original scope of the project and want to know if we can set up additional OUs for the computers and create new security groups for users based on their jobs or positions? Or at least create an additional OU for the computers that has different group policies that will still trigger the RSA SecurID.
Hi,
Do you have news regarding the new release date to have RSA AM 8.7 Patch 3 available again for download?
Do you have an estimated date? 1 day, 1 week, 1 month?
Our vulnerability scanner is not giving good results due to current vulnerabilities.
Thanks for any update
We are exploring using the RSA solution in China. As most of the users use Android phones which don't have Google Play, is there any alternative or solution to solve this problem?
We saw there is a post that mentions https://community.rsa.com/t5/securid-software-token-for/rsa-securid-software-token-for-android-downloads/ta-p/564067, but the Amazon link seems to be not working and not updated.