Inactive/Disabled user respiAPI response in Risk Authentication
search cancel

Inactive/Disabled user respiAPI response in Risk Authentication


Article ID: 262415


Updated On:


CA Risk Authentication CA Advanced Authentication CA Advanced Authentication - Risk Authentication (RiskMinder / RiskFort)


We are in the process of upgrading the risk authentication services from 9.1 SP2 to SP3.

The Inactive user risk evaluation call on SP2 setup giving the excepted response on postman utility.

SP2 response : "User account has been disabled or is locked.","errorCode":"70613000"

Where in SP3 setup, we are not seeing similar message with user status details.

SP3 response : "An exception occurred because of an unexpected internal error.","errorCode":"40009000"

Sample request for deactivate user :https://exampleserver/aa-restapi/ca/advancedauth/v1/org/WMAOLS/user/W21DEG324YUAww/risk/evaluate

Request type: POST

Update Header with below information and update token with previous step:


authToken:"Update Token"


Update Body:

   "ipAddress": "x.x.118.17",

   "action": "login",

   "channel": "default",

   "deviceId": {"type" : "HTTP_COOKIE","value": "1pVXWXwd6qUmQ7GVJFwYHyIruegkWdJiMrbRJPN73Yj3vlOCRQcYTw=="},

   "deviceSignature": "{\"VERSION\":\"2.1.2\",\"MFP\":{\"Browser\":{\"UserAgent\":\"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0\",\"Vendor\":\"\",\"VendorSubID\":\"\",\"BuildID\":\"20170518000419\",\"CookieEnabled\":true},\"IEPlugins\":{},\"NetscapePlugins\":{\"Shockwave Flash\":\"\"},\"Screen\":{\"FullHeight\":1080,\"AvlHeight\":1080,\"FullWidth\":1920,\"AvlWidth\":1858,\"ColorDepth\":24,\"PixelDepth\":24},\"System\":{\"Platform\":\"Win32\",\"OSCPU\":\"Windows NT 6.1; WOW64\",\"systemLanguage\":\"en-US\",\"Timezone\":-330}},\"ExternalIP\":\"x.x.153.180\",\"MESC\":{\"mesc\":\"mi=2;cd=150;id=30;mesc=552119;mesc=641431\"},\"Flash Attributes\":{}}"



Release : 9.1

CA Risk Authentication


If the user base is Database and the user is Disable or Locked, the response of the Risk evaluation API is "User account has been disabled or is locked."

Screen shots below to show the Request and Response. Here is a KB article to show the Risk Evaluate and Post Evaluate Request and Response.