Troubleshoot 'User is not enrolled for identity confirmation methods' error

3 years ago

Originally Published: 2011-06-23

Article Number

000045816

Applies To

Authentication Manager Express
AMX
RBA
User is not enrolled for any of the allowed identity confirmation authentication methods

Issue

Troubleshoot "User is not enrolled for identity confirmation methods" error
AMX authentication monitor shows "User is not enrolled for any of the allowed identity confirmation authentication methods".

Cause

The authentication has generated an assurance level below the configured assurance threshold AND the user has not configured a secondary challenge (identity confirmation) method for their account. This will occur for initial authentication with silent collection disallowed. This can also occur with silent collection allowed but after the silent collection period has expired (and without configuring a secondary challenge method).

Resolution

If silent collection is not allowed, users must be instructed to configure their secondary challenge method(s) via the self self-service console before their first RBA authentication. If silent collection is allowed then normally AMX will prompt a user to set up their identity confirmation method after a high assurance authentication (e.g. from a known device). If this has not been done before the silent collection period ends then the user must use the self-service console to configure their identity confirmation method.

Notes

Identity confirmation methods can be either security questions or on-demand authentication (or both).

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles