outcome.failureReason

Additional information about the outcome.

Values

Any arbitrary string.

The outcome element contains the failureReason element. The values for the failureReason elements are event-specific. The following strings are some of the suggested values:

accountDisabled

User's account has been disabled.

accountDisabledRetryViolation

Retry maximum has been violated for authentications that are not valid. The account has been disabled in the registry.

accountExpired

User account has expired.

accountLockedOutMaxLoginFail

User account has been temporarily locked out due to too many failed login attempts. Lock time interval has not elapsed.

accountLockedOutRetryViolation

Invalid authentication retry maximum has been violated. The account has been temporarily locked out.

accountMaxInactiveElapsed

Maximum inactive days has elapsed for the account.

accountUnlocked

User account was unlocked because lock time interval has elapsed.

authenticationFailure

Authentication failed. Use this value when we do not have a more specific value for this audit element.

certificateFailure

A client certificate could not be authenticated.

invalidUserName

The supplied user name does not exist in the registry.

invalidUserPassword

The password associated with the given user name is incorrect.

mappingFailure

The login data entered could not be mapped to an application-specific user.

nextToken

Next token required for authentication.

passwordChangeMaxIntervalElapsed

Maximum time interval since last password change has elapsed.

passwordChangeMinIntervalUnexpired

Minimum time interval required between password changes has not elapsed.

passwordContainOld

Password contains the old password or is contained in the old password.

passwordExpired

The user's password has expired and no further grace logins remain.

passwordFirstLastNumeric

Password contains a numeric first or last character.

passwordMaxCharOld

Password exceeds the allowed number of consecutive characters that are common with the previous password.

passwordMaxRepeated

Password exceeds the maximum allowed number of repeated characters.

passwordMinAlphabetic

Password does not contain the required minimum number of alphabetic characters.

passwordMinAlphabeticLower

Password does not contain the required minimum number of lowercase characters.

passwordMinAlphabeticUpper

Password does not contain the required minimum number of uppercase characters.

passwordMinAlphanumeric

Password does not contain the required minimum number of alphanumeric characters

passwordMinNumeric

Password does not contain the required minimum number of numeric characters.

passwordMinSpecial

Password does not contain the required minimum number of special characters.

passwordNumCharViolation

Password does not contain the required number of characters.

passwordOldReused

Password is a recently used old password.

passwordUserName

Password contains the user name or is contained in the user name.

pinRequired

A PIN must be assigned to enable account.

policyAllowedAccess

All login policy checks permitted access.

policyViolation

Login rejected due to policy violation.

policyViolationMaxLoginsReached

Login rejected because maximum number of concurrent logins reached.

policyViolationTOD

Authentication denied at this time of the day.

tokenExpired

The lifetime for the token has expired.

tokenNotSupported

The given token is not a supported type.

tokenNotInValidFormat

The given token was not in the expected format or was corrupted.

tokenNotValidYet

The token is not valid yet.

tokenSignatureValidationFailed

The signature for the token was not valid.

usernameMismatch

In the case of reauthentication or stepUp authentication, the given user name does not match the current user name.

When a suggested value is not available, use the string Unknown Failure Reason.

XPath

CommonBaseEvent/extendedDataElements[@name='outcome']/children
[@name='failureReason']/values 

Parent topic: Reference information about elements and element types