Sm_Api_Reason_t
Enumerates the reasons for an access event, such as an authentication failure or session logout.
casso10
Enumerates the reasons for an access event, such as an authentication failure or session logout.
When an authentication scheme fails to authenticate, it may send back a reason status code. The status code returned from the authentication function is constructed using the SM_MAKEAUTH_STATUSVALUE macro (see Returns on page 10).
The Policy server sends the reason to the agent. The
CA Single Sign-On
Web Agent exposes the reason so that Web applications can use it in their logic.The following APIs use Sm_Api_Reason_t:
- Authentication API
- Event API
- Directory API
The following table shows the bits that can be set for access events.
Authentication Reason | Value |
Sm_Api_Reason_None | 0 |
Sm_Api_Reason_PwMustChange | 1 |
Sm_Api_Reason_InvalidSession | 2 |
Sm_Api_Reason_RevokedSession | 3 |
Sm_Api_Reason_ExpiredSession | 4 |
Sm_Api_Reason_AuthLevelTooLow | 5 |
Sm_Api_Reason_UnknownUser | 6 |
Sm_Api_Reason_UserDisabled | 7 |
Sm_Api_Reason_InvalidSessionId | 8 |
Sm_Api_Reason_InvalidSessionIp | 9 |
Sm_Api_Reason_CertificateRevoked | 10 |
Sm_Api_Reason_CRLOutOfDate | 11 |
Sm_Api_Reason_CertRevokedKeyCompromised | 12 |
Sm_Api_Reason_CertRevokedAffiliationChange | 13 |
Sm_Api_Reason_CertOnHold | 14 |
Sm_Api_Reason_TokenCardChallenge | 15 |
Sm_Api_Reason_ImpersonatedUserNotInDir | 16 |
Sm_Api_Reason_Anonymous | 17 |
Sm_Api_Reason_PwWillExpire | 18 |
Sm_Api_Reason_PwExpired | 19 |
Sm_Api_Reason_ImmedPWChangeRequired | 20 |
Sm_Api_Reason_PWChangeFailed | 21 |
Sm_Api_Reason_BadPWChange | 22 |
Sm_Api_Reason_PWChangeAccepted | 23 |
Sm_Api_Reason_ExcessiveFailedLoginAttempts | 24 |
Sm_Api_Reason_AccountInactivity | 25 |
Sm_Api_Reason_NoRedirectConfigured | 26 |
Sm_Api_Reason_ErrorMessageIsRedirect | 27 |
Sm_Api_Reason_Next_Tokencode | 28 |
Sm_Api_Reason_New_PIN_Select | 29 |
Sm_Api_Reason_New_PIN_Sys_Tokencode | 30 |
Sm_Api_Reason_New_User_PIN_Tokencode | 31 |
Sm_Api_Reason_New_PIN_Accepted | 32 |
Sm_Api_Reason_Guest | 33 |
Sm_Api_Reason_PWSelfChange | 34 |
Sm_Api_Reason_ServerException | 35 |
Sm_Api_Reason_UnknownScheme | 36 |
Sm_Api_Reason_UnsupportedScheme | 37 |
Sm_Api_Reason_Misconfigured | 38 |
Sm_Api_Reason_BufferOverflow | 39 |
Sm_Api_Reason_SetPersistentSessionFailed | 40 |
Sm_Api_Reason_UserLogout | 41 |
Sm_Api_Reason_IdleSession | 42 |
Sm_Api_Reason_PolicyServerEnforcedTimeout | 43 |
Sm_Api_Reason_PolicyServerEnforcedIdle | 44 |
Sm_Api_Reason_ImpersonationNotAllowed | 45 |
Sm_Api_Reason_ImpersonationNotAllowedUser | 46 |
Sm_Api_Reason_FederationNoLoginID | 47 |
Sm_Api_Reason_FederationUserNotInDir | 48 |
Sm_Api_Reason_FederationInvalidMessage | 49 |
Sm_Api_Reason_FederationUnacceptedMessage | 50 |
Sm_Api_Reason_ADnativeUserDisabled Note: This reason code is a duplicate of Sm_Api_Reason_UserDisabled. | 51 |