Troubleshooting the Credential Management APIs
You can identify most issues with the Credential Management REST APIs by reviewing the API response. The responses include a
Status
field that indicates whether the operation completed successfully. If the operation did not complete successfully, the Status field includes additional error codes and messages to help you identify the issue.For troubleshooting information about the other VIP REST APIs, see Troubleshooting the REST APIs.
The following is a sample error response to a Credential Management API call. The error indicates an issue with the value that is provided in the
Version
attribute of a deactivate-token
request.{ "DeactivateTokenResponse": { "Version": "5.0", "RequestId": "SYMC87654321", "SameInitialState": "false", "Status": { "ReasonCode": "4e04", "StatusMessage": "Unsupported service protocol version" } } }
The following table lists the most common error codes and status messages that are returned by the Credential Management REST APIs.
Error Code | Message | Cause/Solution |
|---|---|---|
4879 | The service is temporarily unavailable | Try the operation later. |
4923 | The OTP you provided is within the Sync window, but outside the Look Ahead Window. This operation requires a second consecutive OTP | Provide the next consecutive security code in the OTP2 input field. |
4952 | The temporary password does not contain the correct number of alphanumeric characters | Check the TemporaryPassword field and correct the number of characters required. |
4953 | Expiration date must be later than the current time, and no more than 30 days from now. | Check the ExpirationDate field and try again using a date within 30 days from now. |
4993 | Operation not allowed on a disabled token | The operation that you attempted is not allowed on a credential in the disabled state. Use the get-token-information API to find out the state of each credential. If necessary, unlock the token through VIP Manager and try again. |
4994 | Operation not allowed on a locked token | The operation that you attempted is not allowed on a credential in the locked state. Use the get-token-information API to find out the state of each credential. If necessary, enable the token through VIP Manager and try again. |
4995 | Operation not allowed on a new token | The operation that you attempted is not allowed on a new credential. Use the get-token-information API to find out the state of each credential. If necessary, activate the token and try again. |
4996 | Operation not allowed on an inactive token. | The operation that you attempted is not allowed on a credential in the inactive state. Use the get-token-information API to find out the state of each credential. Activate the token and try again. |
4997 | Validation failed | The validation failed. Try the operation again. Use the get-token-information API to find out the state of each credential. Based on the credential state, do the following:
If the credential is already enabled, the security code may be invalid. Try the operation again with a valid security code. |
49b5 | Failed with an invalid security code | The service cannot validate the credential using the security code that you provided. Provide a valid security code and try again. |
49f2 | Token ID not found | Check the Token ID and try again with a valid token. |
4e00 | Malformed request | The request is malformed. Correct the request and try again. |
4e01 | Service Internal Error | Possible causes/solutions:
|
4e02 | Authentication failed | The authentication request failed, possibly because of an incorrect VIP certificate type. |
4e03 | Authorization failed | The authorization failed. This error typically occurs because you are not authorized to act on this account or credential. |
4e04 | Unsupported service protocol version | Your request contains an unsupported protocol version of the REST API. Correct the version and try again. |
4e08 | The activation code profile that you supplied is invalid | Specify a valid activation code profile (ACProfile); either MOBILEPHONE or COMPUTER. |
4e0b | A certificate is revoked | The VIP certificate that you are using has been revoked. |
4e10 | This URL does not support this operation. | The URL for this API is incorrect. Correct the URL and try again. |
4e1d | OTP needs to be supplied for a phone number in a new state. | Provide a security code in the OTP1 input field. |
4e11 | Token ID has been revoked. | Use a valid Token ID. This error typically occurs of the credential is revoked. |
4e16 | Phone number was not previously registered for this account | Register the phone number and try again. |
4f05 | This VIP credential or VIP credential type is not supported for this | Verify the user’s supported credentials within the VIP Manager policy. Use a different type of credential and try the operation again. |