Enabling detailed errors with IdentityIQ forgot password self-service password reset
Enabling detailed errors with IdentityIQ forgot password self-service password reset
When enabled, IdentityIQ let you reset your forgotten password via a link present in the OOTB login page. Under the hood, IdentityIQ will perform several checks, including checking identity exists, security questions etc.
For security reasons, IdentityIQ always return the same generic message, typically "An error has occurred, Try again or contact System Administrator" when the request cannot be performed, no matter what the error cause is.
In some situations, it might be useful to get a detailed message to identify the root cause. To enable detailed error,
- Update the SystemConfiguration object and replace the line
<entry key="loginErrorStyle" value="simple"/>
by
<entry key="loginErrorStyle" value="detailed"/>
Specific error messages with their corresponding key in message catalog include
reset_err_user_not_found: Message displayed when the user is not found
reset_err_no_sms_phone: Message displayed when the SMS phone number is not set for the user or is in a bad format
auth_answers_not_configured: Message displayed when authentication questions are not configured
Use of detailed login error messages must be weighed against internal security policies.
