Troubleshoot Push Authentication

FAQs

HID Approve Registration Issues

Authentication and Push Issues

Error Codes

Internal Errors

Code HIDErrorCode​ Error Comment

0

HIDInternal

Unexpected error occurred

Incorrect parameters in DT_TDSV4

Contact your system administrator.

1

HIDNotImplemented

Method is not implemented

2 ​

HIDUnsupportedOperation

Operation is not supported by the object ​

3

HIDInvalidArgument

The given parameter is not valid or required

Rejected by input validation controls

4

KeyGenerationFailure

Unable to generate internal credential

SDK initialization failure at startup

5

ProtectionPolicyFailure

Unable to create or locate internal protection policy

SDK initialization failure at startup

6

SecureDataFailure

Unable to create or locate internal credential data

SDK initialization failure at startup

7 UnsupportedVersion Container version is not supported and cannot be upgraded  
8 InvalidContainer Container identifier is invalid or does not exist  

Credential Errors

Code HIDErrorCode​ Error Comment​

100

HIDAuthentication

Authentication failure

Incorrect password entered or locked ​password

101 ​

HIDInvalidPassword ​

Password fails policy requirements ​

Locked password ​

102 ​

HIDCredentialsExpired ​

Credentials used to sign the transaction have expired ​

Check Key validity period set in server key Credential Types ​

103 ​

HIDPasswordExpired ​

Password has expired and requires a change of password ​

Check "HISTMAXAGE“ policy in DT_TDSV4>Device type Adapter "Container keys protection policy"

Contact your system administrator.

104

HIDPasswordNotYetUpdatable

Password cannot be changed yet

Check "HISTMINAGE“ policy in DT_TDSV4>Device type Adapter "Container keys protection policy"

Contact your system administrator.

105

HIDPasswordRequired

No password provided

Invalid fingerprint

106

HIDLostCredentials

Provisioning key securing the transaction has been wiped

107

HIDInvalidChallengeTooLong

Challenge is too long with respect to the OTP generator configuration

Application could not generate secure code as signature data does not respect length policy (as defined in the Credential Type OCRA suite) ​

108

HIDInvalidChallengeBadFormat

Challenge does not have the format expected by the OTP generator configuration

Application could not generate secure code as the signature data does not have the correct format (as defined in the Credential Type OCRA suite)

109

HIDPasswordCancelled

The password event has been canceled by the user

110

SerialNumberRequired

Device serial number is required to upgrade from HID Approve 5.1 or lower (Android)

Device Errors

Code HIDErrorCode​ Error​ Comment​

200

HIDUnsupportedDevice

Device Configuration is not supported

Rooted phone ​

201

HIDUnsafeDevice

Device is not safe enough to store sensitive secrets

202

HIDFingerprintNotEnrolled

Fingerprints have not been enrolled

No user biometrics on phone

203

HIDUserCancelled

User has canceled the operation

User canceled biometrics

204

HIDFingerprintAuthenticationRequired

Authentication with fingerprint is required to perform the operation

205

​HIDUnsupportedOperationMode

Device configuration is not supported

Non-FIPS device in a FIPS configuration

206

GooglePlayServicesObsolete

Google Play Services is not up to date (Android)

207

BiometricAuthenticationNotEnabled

Enabling biometric authentication is required to perform the operation

Communication Errors

Code HIDErrorCode​ Error​ Comment​

300

HIDServerAuthentication

Authentication failure

  • QR code has expired (as defined in CT_TDSOOB)
  • QR code was already used
  • User ID or invite code is incorrect
  • User authenticator is disabled or locked (too many failures)
  • Cannot send feedback for the Authentication (that is, both CIBA and JMS feedback (AMQ) are configured but a default JMS topic value is not set for the spl-api user)

301

HIDInternal

Unexpected error occurred server protocol version is not supported by the client

302

HIDServerProtocol

Unexpected failure has occurred in the implementation layer

Incorrect policy in DT_TDSV4 Container keys protection policy

Contact your system administrator.

303

HIDRemote

Execution of a remote method call failed

Possible SSL handshake failure - verify the proxy configuration

Contact your system administrator.

304

ServerUnsupportedOperation

The server does not support the requested operation

Service Key renewal is requested for server not supporting SKR (server responds with an HTTP error 400)

305

HIDServerOperationFailed

The server was not able to execute the requested operation

Service Key renewal is requested for an unassigned device (server responds with an HTTP error 500)

306

ServerCustomizationInvalid

The server's mobile-app customization package is invalid or contains an invalid data

Transaction Errors

Code HIDErrorCode​ Error​ Comment​

1000

HIDTransactionExpired

Transaction has expired

Transaction exceeded its validity and has been removed from the list of pending transactions. Check validity in AT_TDS (for action) or AT_PASA (for login) > Constraints > "Challenge timeout period (s)"

Contact your system administrator.

1001

HIDTransactionContainerInvalid

Transaction id refers to a container that does not exist

The service was deleted on the phone but not on the server

Other Errors

Code HIDErrorCode Error Comment

10000

UnexpectedError

An unexpected error occurred

System upgrade error on server.

The user needs to renew the service on the upgraded server.

10003

BadUrl

URL is incorrect

The user has entered an URL that contains unsupported characters during manual registration.

The user needs to re-enter the correct URL to manually register a service.

10007

CredentialExpired

The credential has expired

The user selected a service with an expired OTP credential or performed a push operation (Logon/Action) for a service with expired RSA keys credentials.

The user needs to re-register the service to create a new credential.

10008

(null)

The Push ID is missing

The user's device fails to retrieve a push ID from Apple, Google or Windows Azure server.

Contact your system administrator.

10009

(Windows 10)

Incorrect_URI

This service cannot be registered

Server configuration error.

Contact your system administrator.