Introduction
There are cases when several TIMEOUT entries can be seen in the admin console logs.
These can be like:
- OIDC_COMPLETE - Timeout - if they’re configured for OIDC
- SAML_COMPLETE - Timeout - if they’re configured with SAML
- WSFED_COMPLETE - Timeout - if they’re configured with WS FED
These events appear (exactly) 5 minutes after the attempted (and failed) authentication.
No user information
The events contain no user info because our internal authentication services are attempting to put together enough information about the user who is attempting to authenticate but have not yet received an appropriate identity that can be linked to a user from the IDP.
User experience
At the users side, in these cases the following message can be seen:
“Could not verify your identity. To try again, return to the login screen”
Cause
There are two reasons they could be seeing this:
-
Platform Authenticator failed to launch and find a valid credential
-
Platform Authenticator launched but found no valid credential
Currently, what we can extract from the logs, is the IP used for geolocating the request. Providing more detailed information in such cases is already in the development phase.
Comments
1 comment
There are more "Causes" than the two stated above.
1. The user did not complete the authentication flow and submit the authentication request to Beyond Identity. Not clicking "Submit" on a login prompt is a common reason for this Timeout flow.
Please sign in to leave a comment.