Customizing authentication error messages
When a user fails to sign on, PingFederate parses the response from the datastore and shows a corresponding error message on the login page. In the password credential validator configuration, you can customize which error message is triggered based on the response from the datastore.
About this task
By adding rules that check the datastore response for specific text, you can trigger one of the default error messages or a custom error message.
The default error messages are defined in <pf_install>/pingfederate/server/default/conf/language-packs/pingfederate-messages.properties
. This file is part of the PingFederate localization framework, and can be adapted to other languages. Learn more in Localizing messages for end users in the PingFederate documentation.
Steps
-
Under Authentication Error Overrides, click Add a new row to 'Authentication Error Overrides'.
-
In the Match Expression field, enter the text, including wildcards (
*
), that you want to trigger the error message.For example,
*disabled*
triggers an error message when the word "disabled" appears anywhere in the response from the datastore. -
Set the error message that you want to show:
Choose from:
-
To use a default error message, in the Error list, select a default error message.
-
To define a new error message:
-
In the Error list, select Custom Message Key.
-
In the Error Message Key field, enter a unique key, such as
pingone.authn.srvr.msg.<your.key.suffix>
. -
Open the
<pf_install>/pingfederate/server/default/conf/language-packs/pingfederate-messages.properties
file. -
Add a line with the error message key and message.
Use the following format:
pingone.authn.srvr.msg.<your.key.suffix>=There was an error. Please try again.
-
Save the file.
-
If you support multiple languages, repeat steps c-e for each equivalent file in
language-packs
. -
Restart PingFederate to reload the message files.
-
-
-
Click Update.