From the log, take the transaction ID.
Run the below command :
select * from TFAADmin.ARRFSYSAuditlog where txid="ID". The user name gets displayed here.
Run select * from TFAADmin.ARRFSYSAuditlog where username="". Enter the User ID from the above one.
Generate the Riskevaluation report for the user and verify if there are two / more transactions done at the same exact time,
Run this command in the DB :
update ARRFCONFIGURATION set value=5 where category='GLOBAL' and name='DEVICELOCKEDTIMEDIFF'; update ARRFCONFIGURATION set value=5 where category='GLOBAL' and name='USERLOCKEDTIMEDIFF';
Below is the information from the update query :
Example - There is a test user
First transaction - T1 happened at 10 AM IST.
Same user if second transaction happened with in 2 min ( 120 sec ) and if it comes under the same user - it is considered as duplicate transaction,
If second transaction is coming in 120 seconds the logs does not get updated.
If the transaction comes post 120 seconds , it will gives a valid response.
So, the update query will not impact the user.
Here the value is updated as 5 We have kept 5 seconds and below 5 seconds this is not considered as correct.
So, the transaction will be abandoned if any comes from the same user under 5 seconds, and that is the reason the error is coming and there is no impact on the error