--- title: Failure node description: The Failure node is a required element indicating the journey ended in failure. component: auth-node-ref version: latest page_id: auth-node-ref::failure canonical_url: https://docs.pingidentity.com/auth-node-ref/latest/failure.html keywords: ["Nodes & Trees", "Journeys", "Authentication"] page_aliases: ["auth-node-failure.adoc"] superseded_by: https://docs.pingidentity.com/auth-node-ref/latest/failure.html section_ids: examples: Examples availability: Availability inputs: Inputs dependencies: Dependencies configuration: Configuration outputs: Outputs outcomes: Outcomes errors: Errors --- # Failure node The Failure node is a required element indicating the journey ended in failure. ## Examples All authentication journeys have a Failure node as one of their terminals. ## Availability | Product | Available? | | ------------------------------------- | ---------- | | PingOne Advanced Identity Cloud | Yes | | PingAM (self-managed) | Yes | | Ping Identity Platform (self-managed) | Yes | ## Inputs The failure outcomes of any preceding nodes. ## Dependencies This node has no dependencies. ## Configuration This node has no configurable properties. ## Outputs This node doesn't change the shared state. ## Outcomes The authentication journey completes, ending in failure, and the user is redirected to a failure URL. Find more information in [Failure URL precedence](https://docs.pingidentity.com/pingoneaic/am-authentication/redirection-url-precedence.html#failed-url-precedence). ## Errors The error depends on the Login Failure Lockout Mode setting for the realm. You can change this under Native Consoles > Access Management > Realms > *Realm Name* > Authentication > Settings > Account Lockout > Login Failure Lockout Mode. Without the setting enabled, by default, the node returns an error with a message such as the following: ```json {"code":401,"reason":"Unauthorized","message":"Login failure"} ``` With the setting enabled, the node checks the invalid attempts property of the user profile and does the following: * Returns a warning message if the number of failed attempts is equal to or greater than the Authentication > Settings > Account Lockout > Warn User After N Failures setting: ```json { "code": 401, "reason": "Unauthorized", "message": "Warning: You will be locked out after 1 more failure(s).", "detail": { "failureUrl": "" } } ``` * Increments the failure count in the user profile. * Returns an error message if the account is `Inactive`: ```json { "code": 401, "reason": "Unauthorized", "message": "User Locked Out.", "detail": { "failureUrl": "" } } ``` To troubleshoot an authentication failure, review the steps in the journey to find what caused the failure.