Authentication Dashboard
The Authentication Dashboard provides a comprehensive view of authentication activities, facilitating the monitoring and analysis of authentication patterns, including the number of successful and failed authentication counts, to ensure efficient access control within Cloud Access Service (CAS).
Access the Authentication Dashboard
Use the Authentication Dashboard to view authentication information for all users in your organization or for individual users within a specified timeframe.
Procedure
Sign in to the Cloud Administration Console.
In the Cloud Administration Console, click Dashboards > Authentication.
The dashboard includes the following sections:
Total Number of Authentications
This section provides a comprehensive count of all authentication events within CAS over specified time periods. You can monitor the daily count of successful and failed authentication attempts.
Authentications per Day
This section provides a comprehensive overview of authentication activity for the past 7, 14, and 21 days, as well as the past month. It displays the daily count of both successful and failed authentication attempts, enabling you to track usage trends and detect any significant changes over the specified period.
By default, the bar chart displays authentication activity collected over the past 7 days for all users in your organization who have authenticated through CAS. To access more detailed information, select a specific day to view the breakdown of authentication activity per hour in the subsequent graph.
To retrieve and track user event logs from CAS, refer to the Cloud Administration User Event Log API
Successful and Failed Authentications
The following table lists the events tracked for successful authentications.
| Event Code | Description |
|---|---|
| 103 | Authenticate OTP authentication succeeded. |
| 107 | Identity router API SecurID OTP response received - Authentication succeeded. |
| 201 | LDAP password authentication succeeded. |
| 230 | Unified Directory user password authentication succeeded. |
| 234 | Unified Directory user password authentication succeeded - password must be changed. |
| 340 | FIDO authentication succeeded. |
| 601 | Authentication Manager successfully authenticated SecurID OTP Credential. |
| 660 | Cloud Authentication Service successfully validated Hardware Authenticator credentials. |
| 701 | Approve authentication succeeded. |
| 801 | Biometric authentication succeeded. |
| 1501 | QR Code authentication succeeded. |
| 500 | Cloud Identity Provider (IDP) authentication succeeded. |
| 901 | Portal logon succeeded. |
| 2651 | Successful OATH HOTP authentication. |
| 20909 | OIDC - Successful user authentication through SSO. |
| 20910 | OIDC - Successful user authentication through Relying Party. |
| 20912 | OIDC - Successful user authentication through AAD Relying Party. |
| 21901 | SMS OTP verification succeeded. |
| 21951 | Voice OTP verification succeeded. |
| 26000 | Emergency Access Code verification succeeded. |
| 31101 | Verify OTP successful. |
The following table lists the events tracked for failed authentications.
| Event Code | Description |
|---|---|
| 30 | Authentication failed - Required parameter missing. |
| 31 | Authentication failed - User does not exist. |
| 32 | Authentication failed - User account disabled. |
| 33 | Authentication failed - Application not found. |
| 34 | Authentication failed - Rule not found. |
| 35 | Authentication failed - Method locked. |
| 36 | Authentication failed - Authenticator not registered or authentication method not enrolled. |
| 37 | Authentication failed - Internal error. |
| 38 | Authentication failed - Illegal access. |
| 39 | Authentication failed - Identity Source disabled. |
| 104 | Authenticate OTP authentication failed - Invalid OTP. |
| 105 | Authenticate OTP authentication failed - Previously used OTP detected. |
| 150 | Authenticate OTP authentication failed - Error occurred. |
| 154 | Authenticate OTP authentication method locked - User exceeded maximum OTPs allowed. |
| 108 | Identity router API SecurID OTP response received - Authentication failed. |
| 109 | Identity router API SecurID OTP authentication failed - User not found in identity source. |
| 110 | Identity router API SecurID OTP authentication failed - Username is associated with multiple user accounts. |
| 111 | Identity router API SecurID OTP authentication failed - User account disabled in identity source. |
| 112 | Identity router API SecurID OTP authentication failed - User email address not found in identity source. |
| 113 | Identity router API SecurID OTP authentication failed - Identity source unreachable. |
| 114 | Identity router API SecurID OTP authentication failed - Cloud Authentication Service unreachable. |
| 202 | LDAP password authentication failed - Unknown cause. |
| 203 | LDAP password authentication failed - Request timed out or identity router is not connected. |
| 207 | Password authentication failed - User not found. |
| 208 | Password authentication failed - Missing email or password. |
| 209 | LDAP password authentication failed - Invalid DN. |
| 211 | LDAP password authentication failed - LDAP server host unreachable. Invalid port or server is not running. |
| 212 | LDAP password authentication failed - LDAP server host unresolvable. |
| 213 | LDAP password authentication failed - Cannot establish a trusted SSL/TLS connection with the LDAP directory server. Check for invalid certificate. |
| 215 | LDAP password authentication failed - Logon failure: unknown username or invalid password. |
| 216 | LDAP password authentication failed - LDAP account restriction, for example logon time or policy restriction is enforced. |
| 217 | LDAP password authentication failed - Time restriction prevents logon for this LDAP account. |
| 218 | LDAP password authentication failed - LDAP account not permitted to authenticate via this identity router. |
| 219 | LDAP password authentication failed - LDAP password expired. |
| 220 | LDAP password authentication failed - LDAP account disabled. |
| 221 | LDAP password authentication failed - LDAP account configuration prevents logon. |
| 222 | LDAP password authentication failed - LDAP account expired. |
| 223 | LDAP password authentication failed - LDAP password must be changed using your company's internal procedures. |
| 224 | LDAP password authentication failed - LDAP account locked out. |
| 225 | LDAP password authentication failed - LDAP password locked for specified lockout duration. |
| 231 | Unified Directory user password authentication failed - Unknown cause. |
| 232 | Unified Directory user password authentication failed - Unknown username or invalid password. |
| 233 | Unified Directory user password authentication failed - Password locked for specified lockout duration. |
| 236 | Unified Directory user password authentication failed - password must be changed. |
| 238 | Unified Directory user password authentication failed - Password authentication is not allowed for users in the identity source. |
| 341 | FIDO authentication failed - FIDO protocol error. |
| 342 | FIDO authentication failed - RSA SecurID Access service error. |
| 343 | FIDO authentication failed - Unknown error. |
| 344 | FIDO authentication failed - FIDO token disabled. |
| 405 | Just-in-time synchronization failed to synchronize user with the Cloud Authentication Service - Disabled in directory server. |
| 407 | Just-in-time synchronization failed to synchronize user with the Cloud Authentication Service - Unknown reason. |
| 411 | Just-in-time synchronization failed to synchronize user with the Cloud Authentication Service - User not found. |
| 605 | Authentication Manager unable to authenticate SecurID OTP Credential - Invalid OTP. |
| 606 | Authentication Manager unable to authenticate SecurID OTP Credential - Invalid next OTP. |
| 607 | Authentication Manager unable to authenticate SecurID OTP Credential - Invalid PIN. |
| 608 | Unable to authenticate SecurID OTP Credential – Authentication Manager service unavailable. |
| 609 | Authentication Manager unable to authenticate SecurID OTP Credential - Unknown cause. |
| 611 | Authentication Manager unable to authenticate SecurID OTP Credential - Request timed out. |
| 663 | Hardware Authenticator authentication to Cloud Authentication Service failed - Invalid PIN and/or OTP. |
| 664 | Hardware Authenticator authentication to Cloud Authentication Service failed - Previously used OTP was reused for authentication. |
| 665 | Hardware Authenticator authentication to Cloud Authentication Service failed - Authenticator PIN not set. |
| 666 | Hardware Authenticator authentication to Cloud Authentication Service failed - Authenticator expired. |
| 667 | Hardware Authenticator authentication to Cloud Authentication Service failed - Authenticator disabled. |
| 671 | Hardware Authenticator authentication to Cloud Authentication Service failed - Authenticator credentials cannot be verified. |
| 702 | Approve authentication failed - User response timed out. |
| 703 | Approve authentication failed - User denied approval. |
| 705 | Approve authentication failed - Invalid credentials submitted. |
| 706 | Approve authentication failed - Operation is not allowed. |
| 708 | Approve authentication failed - No token found. |
| 709 | Approve authentication failed - All in-progress authentication requests cancelled. |
| 710 | Approve authentication cancelled. |
| 802 | Biometric authentication failed - User response timed out. |
| 803 | Biometric authentication failed - User denied access to biometric credentials. |
| 805 | Biometric authentication failed - Unexpected error. |
| 808 | Biometric authentication failed - All in-progress authentication requests cancelled. |
| 809 | Biometric authentication failed - Authenticator not found. |
| 810 | Biometric authentication cancelled. |
| 1503 | QR Code authentication failed - User denied approval. |
| 1505 | QR Code authentication failed - Invalid QR code. |
| 1506 | QR Code authentication failed - Operation is not allowed. |
| 1508 | QR Code authentication failed - Empty QR code found. |
| 1510 | QR Code authentication cancelled. |
| 1513 | QR Code authentication failed - QR code has expired. |
| 501 | Cloud Identity Provider (IDP) authentication failed. |
| 902 | Portal logon failed - Authentication failed. |
| 903 | Portal logon failed - Credentials are associated with multiple user accounts. |
| 904 | Portal logon failed - Internal server error. |
| 905 | Portal logon failed - Concurrent session limit reached. |
| 906 | Portal logon failed - Password reset required. |
| 933 | Password authentication succeeded - Client does not support required additional authentication methods - Access denied. |
| 935 | Unsuccessful password authentication - Access denied. |
| 940 | Password authentication succeeded - User prohibited by policy settings - Access denied. |
| 941 | Password authentication succeeded - Access prohibited by conditional policy settings - Access denied. |
| 2650 | Unified OTP authentication factor does not match policy. |
| 2652 | OATH HOTP authentication failed due to invalid OTP. |
| 2653 | OATH HOTP authentication failed due to the factor being locked. |
| 2654 | OATH HOTP authentication to Cloud Authentication Service failed as the authenticator credentials cannot be verified. |
| 2655 | OATH HOTP authentication to Cloud Authentication Service failed as the authenticator is disabled. |
| 2656 | OATH HOTP authentication failed as the authenticator has no PIN set. |
| 2657 | OATH HOTP authentication failed due to invalid PIN and/or OTP. |
| 20601 | RADIUS - LDAP authentication succeeded - Access denied. Policy does not contain RADIUS-compatible methods for additional authentication. |
| 20602 | RADIUS - LDAP authentication succeeded - Access denied. No authenticators were found for additional authentication methods. |
| 20603 | RADIUS - Invalid format for additional authentication request - Access denied. |
| 20604 | RADIUS - Invalid checklist attributes - Access denied. |
| 20605 | RADIUS - Cloud Authentication Service request timed out - Access denied. |
| 20606 | RADIUS - Approve authentication failed - Method timeout. |
| 20608 | RADIUS - Biometric authentication failed - Method timeout. |
| 20609 | RADIUS - Authentication failed - Internal error. |
| 20610 | RADIUS - Approve authentication failed - Authentication could not be completed within push notification timeout. |
| 20611 | RADIUS - Biometric authentication failed - Authentication could not be completed within push notification timeout. |
| 20615 | RADIUS - Authentication failed. |
| 20701 | Access denied - User not a member of any identity source in access policy. |
| 20702 | Access denied - User does not match rule set in access policy. |
| 20703 | Access denied - Policy authentication conditions deny access. |
| 20802 | SMS OTP message transmission attempt failed - Invalid phone number. |
| 20803 | SMS OTP message transmission attempt failed. |
| 20805 | SMS OTP delivery failed. |
| 20852 | Voice OTP call attempt failed - Invalid phone number. |
| 20853 | Voice OTP call attempt failed. |
| 20855 | Voice OTP delivery failed. |
| 20902 | OIDC - Response sent for unsuccessful user authentication. |
| 20903 | OIDC - Error response sent. |
| 20905 | OIDC - User has denied access to resource. |
| 21902 | SMS OTP verification failed. |
| 21904 | SMS OTP verification failed – internal error. |
| 21952 | Voice OTP verification failed. |
| 21954 | Voice OTP verification failed – internal error. |
| 26001 | Emergency Access Code verification failed. |
| 26002 | Emergency Access Code not configured. |
| 26003 | Emergency Access Code is expired. |
| 26004 | Emergency Access Code locked - User previously exceeded maximum attempts. |
| 26005 | Emergency Access Code now locked. |
| 31102 | Verify OTP failed - OTP don't match. |
| 31103 | Verify OTP Expired - Verify OTP Expired. |
| 31104 | Verify OTP failed - Verify OTP retry exhausted. |
| 31105 | Verify OTP failed - Verify OTP not generated or not found. |
| 31106 | Verify OTP failed - Verify OTP mode is incorrect. |
Authentications per Hour
This section allows you to explore detailed authentication activity breakdowns by hour. You can select specific data points to visualize the hourly distribution of authentication events. This detailed view helps identify peak activity periods and understand patterns of success or failure rates within daily operations.
Authentications per User
This table summarizes authentication activities for each user, displaying their user ID along with counts of successful and failed authentication attempts. You can select a user's row to view detailed data on the applications accessed and the authenticators used by that user. When a user is selected in the "Authentications per User" section, all authentication events linked to that user are simultaneously displayed in the "Authentications per App" and "Authentications per Authenticator" sections. This integration enables you to gain a comprehensive understanding of the applications accessed and the authenticators utilized by the selected user.
The value UNKNOWN in the graph signifies that the authentication event did not include details about the user attempting to authenticate. This can occur when the authentication process fails before the user was evaluated.
Authentications per Application
This section visualizes how authentication events are distributed across applications or resources associated with the selected user. This graph highlights which applications the user has accessed and displays the number of successful and failed authentication attempts for each application over a specified period.
The value OTHER in the graph signifies that the application and authenticator were unavailable for that event. This can occur in several scenarios, such as:
The user was not authenticating to an application, but rather an MFA API call was made to evaluate credentials or a policy.
The authentication failed before the product could begin evaluating the target application.
Authentications per Authenticator
This section displays the distribution of authentication events across different authenticators used by the selected user. The graph provides insights into the specific authenticators used by the user and shows the counts of successful and failed authentication attempts associated with each authenticator over a specified period.
The value OTHER in the graph signifies that the application and authenticator were unavailable for that event. This can occur in several scenarios, such as:
The user was not authenticating to an application, but rather an MFA API call was made to evaluate credentials or a policy.
The authentication failed before the product could begin evaluating the target application.
The authentication failed before the product could start assessing the user's credentials.
Related Articles
RSA Governance & Lifecycle Open LDAP Connector Datasheet Guide Number of Views RSA Governance & Lifecycle LDAP Novell eDirectory Connector Datasheet Number of Views Release Notes Archive - Cloud Authentication Service and Authenticators (August 2020 - March 2020) Number of Views RSA SecurID Hardware Token Data Sheet Number of Views Where is the tem-service.config file in DLP 9.5? Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026)
