Customizing authentication error messages
When a user fails to sign on, PingFederate parses the response from the data store and shows a corresponding error message on the login page. In the password credential validator configuration, you can customize which error message is triggered based on the response from the data store.
About this task
By adding rules that check the data store response for specific text, you can trigger one of the default error messages or a custom error message that you define.
The default error messages are defined in <pf_install>/pingfederate/server/default/conf/language-packs/pingfederate-messages.properties
. This file is part of the PingFederate localization framework and can be adapted to other languages. See Localizing messages for end users in the PingFederate documentation.
Steps
-
Under Authentication Error Overrides, click Add a new row to 'Authentication Error Overrides'.
-
In the Match Expression field, type the text, including wildcards (
*
), that you want to trigger the error message.For example,
disabled
triggers an error message when the word "disabled" appears anywhere in the response from the data store. -
Set the error message that you want to show by doing one of the following:
-
If you want to use a default error message, in the Error list, select a default error message.
-
If you want to define a new error message:
-
In the Error list, select Custom Message Key.
-
In the Error Message Key field, type a unique key, such as
pingone.authn.srvr.msg.<your.key.suffix>
. -
Open
<pf_install>/pingfederate/server/default/conf/language-packs/pingfederate-messages.properties
for editing. -
Add a line with the error message key and message, in the following format:
pingone.authn.srvr.msg.<your.key.suffix>=There was an error. Please try again.
-
Save the file.
-
If you support multiple languages, repeat steps c-e for each equivalent file in
language-packs
. -
Restart PingFederate to reload the message files.
-
-
-
Click Update.