Troubleshooting the Credential Management APIs

You can identify most issues with the Credential Management REST APIs by reviewing the API response. The responses include a
Status
field that indicates whether the operation completed successfully. If the operation did not complete successfully, the Status field includes additional error codes and messages to help you identify the issue.
For troubleshooting information about the other VIP REST APIs, see Troubleshooting the REST APIs.
The following is a sample error response to a Credential Management API call. The error indicates an issue with the value that is provided in the
Version
attribute of a
deactivate-token
request.
{ "DeactivateTokenResponse": { "Version": "5.0", "RequestId": "SYMC87654321", "SameInitialState": "false", "Status": { "ReasonCode": "4e04", "StatusMessage": "Unsupported service protocol version" } } }
The following table lists the most common error codes and status messages that are returned by the Credential Management REST APIs.
Credential Management API error codes and messages
Error Code
Message
Cause/Solution
4879
The service is temporarily unavailable
Try the operation later.
4923
The OTP you provided is within the Sync window, but outside the Look Ahead Window. This operation requires a second consecutive OTP
Provide the next consecutive security code in the
OTP2
input field.
4952
The temporary password does not contain the correct number of alphanumeric characters
Check the
TemporaryPassword
field and correct the number of characters required.
4953
Expiration date must be later than the current time, and no more than 30 days from now.
Check the
ExpirationDate
field and try again using a date within 30 days from now.
4990
Bad Token State
Check the state of token in VIP Manager.
4993
Operation not allowed on a disabled token
The operation that you attempted is not allowed on a credential in the disabled state. Use the get-token-information API to find out the state of each credential.
If necessary, unlock the token through VIP Manager and try again.
4994
Operation not allowed on a locked token
The operation that you attempted is not allowed on a credential in the locked state. Use the get-token-information API to find out the state of each credential.
If necessary, enable the token through VIP Manager and try again.
4995
Operation not allowed on a new token
The operation that you attempted is not allowed on a new credential. Use the get-token-information API to find out the state of each credential.
If necessary, activate the token and try again.
4996
Operation not allowed on an inactive token.
The operation that you attempted is not allowed on a credential in the inactive state. Use the get-token-information API to find out the state of each credential.
Activate the token and try again.
4997
Validation failed
The validation failed. Try the operation again.
Use the get-token-information API to find out the state of each credential.
Based on the credential state, do the following:
  • Enable or unlock the token through VIP Manager and try again.
  • Activate the token and try again. See Activating a credential.
If the credential is already enabled, the security code may be invalid. Try the operation again with a valid security code.
49b5
Failed with an invalid security code
The service cannot validate the credential using the security code that you provided. Provide a valid security code and try again.
49f2
Token ID not found
Check the Token ID and try again with a valid token.
4e00
Malformed request
The request is malformed. Correct the request and try again.
4e01
Service Internal Error
Possible causes/solutions:
  • The request is malformed. Correct the request and try again.
  • An unexpected error occurred at the service. Try the operation again or contact Support for assistance.
4e02
Authentication failed
The authentication request failed, possibly because of an incorrect VIP certificate type.
4e03
Authorization failed
The authorization failed. This error typically occurs because you are not authorized to act on this account or credential.
4e04
Unsupported service protocol version
Your request contains an unsupported protocol version of the REST API. Correct the version and try again.
4e08
The activation code profile that you supplied is invalid
Specify a valid activation code profile (ACProfile); either MOBILEPHONE or COMPUTER.
4e0b
A certificate is revoked
The VIP certificate that you are using has been revoked.
4e10
This URL does not support this operation.
The URL for this API is incorrect. Correct the URL and try again.
4e1d
OTP needs to be supplied for a phone number in a new state.
Provide a security code in the
OTP1
input field.
4e11
Token ID has been revoked.
Use a valid Token ID. This error typically occurs of the credential is revoked.
4e16
Phone number was not previously registered for this account
Register the phone number and try again.
4f05
This VIP credential or VIP credential type is not supported for this
Verify the user’s supported credentials within the VIP Manager policy. Use a different type of credential and try the operation again.