The Unlock Entrust ST application procedure cannot be completed because both the Identity as a Service account and Entrust ST are locked.
Both the Identity as a Service account and Entrust ST are locked.
1. Press Unlock.
2. Go to and press Reinitialize.
This resets all of the authenticators that have been created on your Entrust mobile application, but it will allow you to recreate your first new identity again, after which you will be prompted to enter a new passcode.
The administrator cannot log in to their account because the only authenticator assigned to their user profile was deleted.
Operational error
Contact the Entrust support team at support@entrust.com.
The following error message was received on the Entrust Soft Token (ST) mobile application, "The soft token could not be activated because the activation code has expired. Return to your Identity Provider and attempt the action again."
The Activation code has expired. You can change the amount of time a user has to complete the authenticator activation process when configuring the Entrust ST authenticator settings.
1. Press OK.
2. Click Reactivate on the Identity as a Service user authenticators page to send another "Activate your Entrust Soft Token" e-mail, which will contain a new QR code and passcode.
3. On your Entrust ST mobile application, delete the authenticator that you failed to register with Identity as a Service because of the expiry.
4. Reattempt to Activate an Entrust Soft Token.
5. If your problem persists after completing the aforementioned steps a second time, contact support@entrust.com for assistance.
The error message, "An identity with the specified name already exists." was generated by the Entrust ST mobile application.
An authenticator with the same name has already been created on this Entrust ST mobile application. Two authenticators with the same name cannot exist on the same Entrust ST mobile application, and so the new authenticator you are attempting to register cannot complete its registration.
1. Press OK.
2. Enter a unique name into the Name field within the Activation Details section of the Activation Summary on your mobile application.
3. Confirm that the new name you have entered is not shared by another authenticator registered on this specific Entrust ST mobile application.
4. Press Activate.
5. If your problem persists, and it is not due to an activation link expiry, contact support@entrust.com.
The Google authenticator application generated the following message after attempting to register Google Authenticator information through manual entry: "Invalid key - The key sequence of numbers and letters is invalid."
The key entered into the Google Authenticator is incorrect
1. Press OK.
2. Review and compare each character entered in the key activation code that you entered into the Google Authenticator window.
3. If inconsistencies are identified, replace them with the correct numbers or characters.
4. If the problem persists, contact support@entrust.com.
The Reset token window generated the error message: "Invalid Response."
The passcode entered is incorrect.
1. Confirm that the code you have entered is being generated by the authenticator you want to reset.
2. Confirm that every digit in the code you have entered is correct.
3. If both confirmations prove to be true, contact support@entrust.com for assistance.
When a token is activated on a user's profile, the user receives an activation e-mail.
1. Confirm that the email address for the user is correct.
2. Click Reactivate to send the user another e-mail.
3. Check the spam folder of the intended recipient's email account to confirm that the email was not sent there by accident.
4. If the user still does not receive an activation e-mail, contact the Entrust support team at support@entrust.com.
The user cannot activate their token on the user portal after receiving the token activation email from Identity as a Service.
1. Confirm that the activation type you are trying to use is supported by your mobile soft token. An Entrust Soft Token (ST) may not support all of the activation types on Blackberry, Windows Phone 8 or Java 2 Platform, Micro Edition mobile devices.
2. Your activation email may have expired. If that is the case, consult the troubleshooting solution steps associated with, "The following error message was received on the Entrust Soft Token (ST) mobile application, "The soft token could not be activated because the activation code has expired. Return to your Identity Provider and attempt the action again.""
The token does not work when a user attempts to authenticate.
1. Check if the user and authenticator being used are both active. If either are not, activate the inactive entity accordingly.
2. If there are no authenticators assigned to the user's profile, assign and activate the authenticator to them.
3. Confirm that the resource rule controlling access to the application is configured to allow the user to authenticate. Reconfigure the resource rule if required.
4. Check if the user is locked out of their account. If the user is locked out, contact a Super Administrator and ask them to unlock the user's account. If the issue cannot be resolved through the administrator, contact support@entrust.com.
5. Confirm that the clock on your mobile device is synced with the clock of the mobile device carrier (including for daylight savings). This may be causing a clock drift that is preventing you from authenticating correctly. If the two clocks are in sync and the problem is still being experienced, replace the malfunctioning authenticator with a new one.
Error message received
when creating new password for user, 
The password you are attempting to assign to the user is in the user's password history. You cannot assign a user a password that already exists in the user's password history.
There are a few ways to resolve this issue:
· Assign a password to the user that has not been given to them before.
· At
Administrator/Members/Users/User Details/Authenticators,
click 
next to the user's
password you are trying to change. This clears the user's password
history, allowing you to now assign any password you want.
· Disable the Password History setting
a. Go to Administrator / Settings /Authenticator Settings
b. click the Password Authenticator tab
c. Under Password Kept in History, enter 0. The password history is disabled, allowing you to enter any password that meets the other password constraints configured.
Error message received when activating mobile smart credential, "Certificate validation error communicating to <URL>. Contact your Identity Provider."
Failed connection between mobile smart credential application and Identity as a Service account.
1. Confirm that both the networks being used to access the mobile application and Identity as a Service account allow communication between them. Accessing one on a private network and the other on a public network could cause network communication issues.
2. If the problem persists, contact support@entrust.com.
Error message received when activating a mobile smart credential using a QR code, "Failed to activate your identity. Registration password has expired or is invalid. Return to Self-Service and request smart credential activation again."
The password required to activate the mobile smart credential has expired.
1. Return
to the mobile smart credential you previously activated, and click
.
A new activation email is sent to your email address.
2. Follow the email's instructions to activate the mobile smart credential.
3. If the problem persists, contact support@entrust.com.
Error message received when entering password on mobile device to activate mobile smart credential, "The password entered is incorrect or the link is corrupted. Try again."
The password is invalid.
1 Confirm that you are entering the password from your most recent activation email.
2 Check every character in the code, and enter each one carefully.
3 If the problem persists, contact support@entrust.com.