The table below provides information for problems that users attempting to manage their authenticators may encounter.
Problem |
Possible Cause |
Solution |
A user cannot use OTP by email, SMS, or voice. |
· If the user does not have an email address, then OTP using EMAIL is not available. · If the user does not have a mobile number, then OTP using SMS is not available. · If the user does not have a phone number or a mobile number, then OTP using VOICE is not available. OTP using VOICE uses the phone number. If the user does not have a phone number, then the mobile number is used. |
A user must have at least one of the following attributes to use OTP: · Mobile · Phone |
A user cannot locate the necessary QR code icon to set up their authenticator. |
|
1. Consult the Entrust Identity technical documentation to locate the QR code icon in your app. 2. If you are still not able to locate the icon, contact your administrator for assistance or reactivate the QR code in the User Portal. |
The following error message was received on the Entrust ST application, "The soft token could not be activated because the activation code has expired. Return to your identity provider and attempt the action again." |
The activation code has expired. |
1 Press OK. 2 Click Reactivate on the Identity as a Service page to send another Activate your Entrust Soft Token email, which contains a new QR code and passcode. 3 Repeat the procedure, Activate an Entrust ST using a QR code. 4 If your problem persists, contact your administrator for assistance. |
The error message, "An identity with the specified name already exists." was generated by the Entrust ST mobile application. |
An authenticator with the same name has already been created on this Entrust ST mobile application. Two authenticators with the same name cannot exist on the same Entrust ST mobile application, and so the new authenticator you are attempting to register will not complete its registration. |
1. Press OK. 2. Enter a different, unique name into the Name field within the Activation Details section of the Activation Summary on your mobile application. 3. Confirm that the new name you have entered is not shared by another authenticator registered on this specific Entrust ST application by cross-referencing the name you have entered with the list of existing configured authenticators on the application. 4. Press Activate. 5. If your problem persists, and it is not due to an activation link expiry, contact your administrator. |
The Google authenticator application generated the following message after attempting to register the Google Authenticator information through manual entry: "Invalid key - The key sequence of numbers and letters is invalid." |
The key entered into the Google Authenticator is incorrect. |
1. Press OK. 2. Review and compare each character entered in the Key Activation Code that you entered into the Google Authenticator window. 3. If inconsistencies are identified, replace them with the correct number(s) or character(s). 4. If the problem persists, contact your administrator. |
The Reset token window generated the error message: "Invalid Response." |
The passcode entered is incorrect. |
1. Confirm that the code you are attempting to enter is being generated by the exact authenticator you want to reset. 2. Confirm that every character of the token response you are entering is correct. 3. If both confirmations prove to be true, contact your administrator for assistance. |
When a token is activated on the Authenticators page, the activation email is not received. |
|
1. Confirm that the user's email is correct. 2. Click Reactivate to send another email and generate a new QR code.. 3. If the user still does not receive an activation email or new QR code, contact your administrator. |
The user cannot activate their token on the user portal after receiving the token activation email from Identity as a Service. |
1. Confirm that the activation type you are trying to use is supported by your mobile soft token. An Entrust Soft Token (ST) may not support all of the activation types on Blackberry, Windows Phone 8 or Java 2 Platform, Micro Edition mobile devices. 2. Your activation period may have expired. If that is the case, consult the troubleshooting solution steps associated with "The following error message was received on the Entrust ST application, "The soft token could not be activated because the activation code has expired. Return to your identity provider and attempt the action again." |
|
The token does not work when a user attempts to authenticate. |
1. Ask your administrator to confirm that both the user and the authenticator being used are both active. If either are not, ask your administrator to resolve the issue. 2. If there are no authenticators assigned to the user's profile, assign and activate an authenticator. 3. Confirm with your administrator that the resource rule controlling access to the application is configured to allow the user to authenticate. If required, reconfigure the resource rule. 4. Confirm that the clock on your mobile device is synced with the clock of the mobile device carrier (including for daylight savings). This may be causing a clock drift that is preventing you from authenticating correctly. If the two clocks are in sync and the problem persists, the user can always replace that authenticator with a new one. |
|
The error message "The Token Serial Number you have entered is invalid." appears when attempting to self-assign a hard token. |
An invalid token serial number has been entered. | 1. Confirm the hard token's serial number and response. 2. Reenter the token serial number and response into their respective fields. 3. If the problem persists, contact your administrator. |
For additional assistance, please contact your administrator.