This article explains that TIMEOUT events (OIDC/SAML/WS-Fed) occur exactly five minutes after a failed authentication when the Platform Authenticator cannot launch or find a valid credential.
Introduction
There are cases when several TIMEOUT entries can be seen in the admin console logs.
These can be like:
OIDC_COMPLETE - Timeout - if they’re configured for OIDC
SAML_COMPLETE - Timeout - if they’re configured with SAML
WSFED_COMPLETE - Timeout - if they’re configured with WS FED
These events appear (exactly) 5 minutes after the attempted (and failed) authentication.
No user information
The events contain no user info because our internal authentication services are attempting to put together enough information about the user who is attempting to authenticate but have not yet received an appropriate identity that can be linked to a user from the IDP.
User experience
At the users side, in these cases the following message can be seen:
“Could not verify your identity. To try again, return to the login screen”
Cause
There are two reasons they could be seeing this:
Platform Authenticator failed to launch and find a valid credential
Platform Authenticator launched but found no valid credential
Currently, what we can extract from the logs, is the IP used for geolocating the request. Providing more detailed information in such cases is already in the development phase.