Models, attributes, and error codes

Page created: 10 Jun 2021 |

Page updated: 8 Feb 2022

| 2 min read

RSA SecurID Other Documents Integrations Language English Integration Content Type Product documentation Audience Administrator

When using the RSA SecurID IdP Adapter through the PingFederate authentication API, the adapter uses the following state models, action models, objects, and error codes.

State models

Status	Response Model	Action	Description
SECURID_CREDENTIAL_REQUIRED	username (String Optional) remainingTries (int) allowUsernameEdits (boolean) authFailed (boolean) resetFailed (boolean)	checkCredential cancel	The SecurID credential is required for authentication.
SECURID_NEXT_TOKENCODE_REQUIRED		checkNextTokencode cancel	The next tokencode is required for authentication.
SECURID_REAUTHENTICATION_REQUIRED		checkPasscode cancel	A passcode is required for re-authentication.
SECURID_SYSTEM_PIN_RESET_REQUIRED	pin (String)	continue cancel	A new pin is generated for the user.
SECURID_USER_PIN_RESET_REQUIRED	pinMinLength (int) pinMaxLength (int) pinAlphabeticCharCount (int) pinNumericCharCount (int) pinAlphaNumeric (boolean) pinResetMessage (string) authFailed (boolean)	resetPin cancel	The user needs to reset the pin.

Action Models

Action	Request Model	Errors	Description
checkCredential	username (String) passcode (String)	Error: VALIDATION_ERROR Error Detail: USERNAME_REQUIRED Error Detail: USERNAME_NOT_NEEDED	Authenticate using SecureID credential.
checkNextTokencode	tokencode (String)		Wait until the tokencode changes, then enter the next tokencode.
checkPasscode	passcode (String)		Re-authenticate using the passcode. Wait until the passcode changes, then enter the next passcode.
resetPin	newPin (String) confirmPin (String)	Error: VALIDATION_ERROR Error Detail: PIN_MISMATCH Error Detail: INVALID_PIN	Reset the pin used to get a passcode.

Attributes

Attribute	Type	Description
username	String	The username used in first-factor authentication.
RemainingTries	int	The number of tries left.
pin	String	The new pin that the system generated for the user.
pinMinLength	int	The minimum length needed for the pin.
pinMaxLength	int	The maximum length needed for the pin.
pinAlphabeticCharCount	int	The minimum number of letters needed for the pin.
pinNumericCharCount	int	The minimum number of numbers needed for the pin.
pinAlphaNumeric	boolean	Whether the pin can be alphanumeric.
allowUsernameEdits	boolean	Username is not editable if the adapter is being used in second-factor authentication.
authFailed	boolean	Whether this attempt is the result of a failed authorization attempt.
resetFailed	boolean	Whether this attempt is the result of a failed pin reset attempt.
pinResetMessage	String	Pin reset requirement.

Error codes

An error code is returned if the call flow state has not reached a dead end, and the user can still authenticate with a device.

Error code	Message	userMessageKey	Parent code
INVALID_USERNAME	Username is not needed for second-factor authentication.	rsa.securid.error.invalid.username	VALIDATION_ERROR
USERNAME_REQUIRED	Username is required.	rsa.securid.error.missing.username	VALIDATION_ERROR
PIN_MISMATCH	The two pins entered are not the same.	rsa.securid.error.pin.mismatch	VALIDATION_ERROR
INVALID_PIN	The pin entered is invalid.	rsa.securid.error.invalid.pin	VALIDATION_ERROR