cancel
Showing results for 
Search instead for 
Did you mean: 

Archer API: Unable to login with specified credentials

DavidFulmer
Contributor III

One of API developer team wrote the API script to execute the process in one of our applications.  From what we see first time, we received the intermittent issues.

 

Exception Stacktrace : org.springframework.ws.soap.client.SoapFaultClientException: Server was unable to process request. ---> Unable to login with specified credentials

We do not have an issue with user ID access (username, password and roles), however the issue is that Archer API is not even able to create session token.  Any reason why it is not creating session token?

 

We are unable to track this in Archer logs for API error calls.  Is there alternative logs we can locate?  Do you have any reason why this is not working?

13 REPLIES 13

DavidPetty
Archer Employee
Archer Employee

Do you see the failed login attempt in Archer Security Events report?

 Advisory Consultant - Archer, an RSA Business

Do you mean "Failed User Login" event name under Archer Security Events report?  We also checked and seeing only generic user IDs listed here, and none of the non-interactive username IDs. 

 

We only give non-interactive username to API developers to access the module.   The non-interactive username ID are already listed in 'Application Owners' to grant full rights in the records.  We also checked this username IDs that status is currently active.

What is the User Account Status in Archer? You can check the below KB and see if you can get any insights on your issue from the "Cause" mentioned.

 

000033384 - Server was unable to process request resulting in an Invalid session token error in RSA Archer GRC 

 

Edit: Just noticed that you mentioned the account status as Active.

Yep, that would be it  

 

Make sure you're passing the correct instance name and that's case sensitive.  I just did a test using Jeff Letterman‌ wonderful https://community.rsa.com/docs/DOC-81721 using CreateUserSessionFromInstance and not providing any valid information and received the same error you posted, and noting was listed in the Security Events Failed User Login report for the attempt.

 Advisory Consultant - Archer, an RSA Business

It could be that the password needs updating.
It would result in a successful log in (should be in Security Events), but would prevent the feed from moving forward.

The password is good and non-interactive username account ID status is active. 

 

Confirmed from API developer team that there are eight nodes with multi-task connections into Archer where it is causing the issues.

 

Does that mean API does not support the multiple session for the same account username ID?

Cause:

  • Two processes are configured to use the same user ID. 


Please refer the KB I posted above. 

Archer only allows one session token per user account.  No simultaneous user logins.

 Advisory Consultant - Archer, an RSA Business

Does the timeout session (configured through Security Parameters for specific non-interactive user ID) also cause the issue?