RSA SecurID Access Cloud Authentication Service authentication fails with HTTP 500 Internal Server error
Originally Published: 2018-04-05
Article Number
Applies To
RSA Product/Service Type: Identity Router
RSA Version/Condition: all
Issue
It is very important to capture this type of problem happening while the Identity Routers (IDRs) are set to Debug level logging.
Cause
- An HTTP 500 Internal Server Error is defined as part of the HTTP protocol standard and is returned by an HTTP server to the HTTP client (usually, a web browser) when "...the [HTTP] server encountered an unexpected condition that prevented it from fulfilling the request." (RFC 7231). HTTP 500 is a generic error code that requires further investigation to try to determine what the condition actually was that triggered it.
- If HTTP 500 is encountered during an authentication with the RSA Cloud Authentication Service, it may have originated from either the RSA Identity Router, or the application that the user is attempting to access, or another server that is participating in the authentication process.
- This article focuses on investigating the RSA Identity Routers as the possible source of an HTTP 500 error. Additional steps outside the scope of this article may be required to check for possible issues with the application and other non-RSA servers.
Workaround
- Set all RSA Identity Routers (IDRs) in the deployment into Debug logging mode. See the RSA Cloud Administration Console online help for instructions to Set the Identity Router Logging Level.
- Reproduce the problem one or more times while the IDRs are in Debug logging mode. Note the date and time this was done.
- Capture a screenshot of the HTTP 500 error shown in the end user's web browser, and be sure that the screenshot includes both the page content and the URL shown at the top of the browser page.
- reboot / restart any or all of the IDRs, to see if that fixes the issue
- backout any recent configuration changes made in the RSA Cloud Administration Console, and publish
Don't forget to set the IDRs back to Standard logging mode when you have finished gathering data.
For further assistance, contact RSA Support and provide bundle logs from all IDRs in the deployment; date, time and timezone the issue was reproduced; screenshots of the HTTP 500 error in the web browser; plus other items as advised by the RSA Knowledgebase article Troubleshooting end user authentication failures with the RSA SecurID Access Cloud Authentication Service .
Related Articles
JSP Processing Error and HTTP Error Code: 500 when attempting to edit or create a new AFX Server on Websphere in RSA Ident… Number of Views Troubleshooting RSA MFA Agent for Microsoft AD FS Number of Views Running AFX Connectors start to fail, edited connectors remain in a Not Deployed state and 'Failed to start inbound endpoi… Number of Views RSA Authentication Agent for Web 7.1.2 on Microsoft IIS and Windows 2008 Server R2 has http 500 error when protecting ADFS… Number of Views RSA MFA Agent 3.0 for Microsoft AD FS Administrator's Guide Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Deploying RSA Authenticator 6.2.2 for Windows Using DISM Downloading RSA Authentication Manager license files or RSA Software token seed records
Don't see what you're looking for?
