Error messages returned by Trusted Device microservice

The error message the Trusted Device microservice and its endpoint return fall into different categories, marked with error code ranges.

Orchestration errors
Category Error code range Examples
System [-1099, -1000] Issues with the connection, a microservice, the database, or unexpected internal server issues. See also System error messages.
User account [-1199,-1100]

The user is locked, disabled, does not exist, etc. See also User account error messages.

Provisioning [-1299,-1200] Problems with the ephemeral key, activation code, activation password, registration ID, authenticator limit, etc. See also Provisioning error messages.
Authenticator [-1399,-1300]

Problems with the decryption or encryption on the server side, the verification of signatures, OTPs, or secure messages, the creation of secure messages etc., or authenticator not found and/or not assigned. See also Authenticator error messages.

Session [-1499,-1400]

Request ID not found. See also Session error messages.

Risk [-1599,-1500]

Failures of the Risk Management component, problems with the Client Device Data Collector (CDDC). See also Risk Management component error messages.

Authentication [-1699,-1600] Authentication failure during authentication validation. See also Authentication error messages.
Transaction [-1799,-1700] Transaction failure during signature validation. See also Transaction error messages.

The following system error messages are possible:

System error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1000 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1001 Communication Error Input data validation failed. GENERIC
  • Bad payload
  • invalid URL
  • invalid headers
  • invalid HTTP request
Verify the mobile app integration with the Orchestration SDK , contact [email protected] for Mobile Security Suite.
-1002 Internal Server Error Failed to decode input data UNKNOWN Calling the orchestration messaging failed for technical reasons. Contact [email protected] for Intelligent Adaptive Authentication.
-1003 Internal Server Error Failed to encode output data UNKNOWN Calling the orchestration messaging failed for technical reasons. Contact [email protected] for Intelligent Adaptive Authentication.
-1004 Internal Server Error Failed to encode output data UNKNOWN The call to the orchestration messaging failed to encode an ErrorEncodeInput data transfer object. Contact [email protected] for Intelligent Adaptive Authentication.

The following user account error messages are possible:

User account error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1100 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1101 User account not found userId: '%s', domain: '%s' GENERIC The user account is referenced by the mobile app but does not (anymore) exist in Intelligent Adaptive Authentication. Retry with a registered user account.
-1102 User account not userId: '%s', domain: '%s' GENERIC The user account has been locked after multiple failed authentication attempts. Unlock the user account with the POST /users/{userID@domain}/unlock endpoint
-1103 User account not userId: '%s', domain: '%s' GENERIC The user account was disabled by an administrative call. Enable the user account via the PATCH /users/{userID@domain}.
-1104 User account not userId: '%s', domain: '%s' GENERIC User account past its expiration date Contact [email protected] for Intelligent Adaptive Authentication to enable user account (or use Web Administration interface of the Authentication component).
-1105 User account not userId: '%s', domain: '%s' GENERIC The administration user account cannot be used.  

The following provisioning error messages are possible:

Provisioning error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1200 Internal Server Error Client component does not exist. An internal error occurred while attempting to call dsappSrpGgenerateEphemeralKey UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Try to restart the workflow later, contact [email protected] for Intelligent Adaptive Authentication.
-1201 The registration session was not found   GENERIC The session expired. Restart the activation workflow
-1220 License not supported   GENERIC The multi-device licensing (MDL) authenticator license assigned to the user account does not supportDSAPP-SRP activation for the Orchestration SDK. Unassign the license from the user account and select another license (type DAL10).
-1221 The authenticator activation limit has been reached Number of activation attempts exceeds number allowed. GENERIC When the number of activation attempts exceeds the allowed limit for a given authenticator. Reset the provisioning activation count of the license with the POST /authenticators/{serialNumber}/reset-activation endpoint.
-1222 Invalid client evidence message   GENERIC

The client-side DSAPP SDK or Orchestration SDK generated wrong data.

One possible failure reason could be that the user entered invalid date (e.g., outdated activation password).

Try restarting activation or assigning a different MDL license to the user account, and contact [email protected] for Mobile Security Suite.
-1223 Internal Server Error Failed to encrypt activation data> UNKNOWN Encryption failed on the server side. Retry later or try assigning

a different MDL license to the user account, and contact [email protected] for Intelligent Adaptive Authentication.

-1230 License not supported   GENERIC The MDL authenticator license that is assigned to the user account does not support DSAPP-SRP activation for the Orchestration SDK. Unassign the license from the user account and select another license (type DAL10).
-1231 The authenticator activation limit has been reached The authenticator limit has been reached GENERIC

When the number of activation attempts exceeds the allowed limit for a given authenticator type.

Remove old, unused, and/or previously activated authenticator instances from the user account.
-1232 Invalid device code   GENERIC The client-side Digipass SDK or Orchestration SDK generated wrong data. Try assigning a different MDL license to the user account, and contact [email protected] for Mobile Security Suite.
-1240 Invalid signature   GENERIC The client-side Digipass SDK generated a wrong signature of Activation Message 2. Try synchronizing the client time, or assigning a different MDL license to the user account, and contact [email protected] for Mobile Security Suite.
-1250 Invalid push notification ID format   GENERIC The client-side Digipass SDK, Notification SDK, or Orchestration SDK generated wrong data. Try registering for Push Notificationagain and contact [email protected] for Mobile Security Suite.
-1251 Failed to decrypt push notification ID   GENERIC The client-side Digipass SDK, Notification SDK, or Orchestration SDK generated wrong data. Try registering for Push Notificationagain and contact [email protected] for Mobile Security Suite.

The following authenticator error messages are possible:

Authenticator error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1300 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1301 Authenticator not found domain: '%s', serialNumber: '%s', sequence: '%d' GENERIC The user account does not have any assigned authenticator (anymore). Register a new authenticator to the user account.
-1302 Invalid authenticator domain: '%s', serialNumber: '%s', sequence: '%d' GENERIC The client requested to use an authenticator instance which does not support the required functionality. Try assigning a different MDL license to the user account, contact [email protected] for Mobile Security Suite.
-1303 Payload incomplete   GENERIC The client-side Digipass SDK, Secure Messaging SDK, or Orchestration SDK did not provide the complete Secure Channel message. Contact [email protected] for Mobile Security Suite.
-1304 Invalid message format   GENERIC The client-side Digipass SDK, Secure Messaging SDK, or Orchestration SDK provided the Secure Channel message in an invalid format. Contact [email protected] for Mobile Security Suite.

The following session error messages are possible:

Session error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1400 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1401 Session not found requestId: '%s' GENERIC The request ID is invalid or has timed out. Restart the workflow to generate a new session.

The following Risk Management component error message is possible:

Risk Management component error messages
Error code Message Custom payload / additional message Error type Cause How to solve
-1500 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.

The following authentication error messages are possible:

Authentication error messages
Error code Message Custom payload / additional message Error type Cause How to solve
-1600 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1601 Authentication failed   GENERIC The client provided invalid data like an invalid OTP, invalid password, etc. Provide the valid data (OTP, password) required for authentication, try synchronizing the client time.

The following transaction error messages are possible:

Transaction error messages
Error code Message Examples: Custom payload / additional message Error type Cause How to solve
-1700 Internal Server Error   UNKOWN This is an unexpected error and needs to be investigated by the OneSpan support staff. Contact [email protected] for Intelligent Adaptive Authentication.
-1701 Signature validation failed   GENERIC The client provided invalid signature data. Provide valid signature data based on the transaction fields, try synchronizing the client time.