This document lists all the reason codes stored in SMAUTHREASON and the meaning for each code.
From the API:
Sm_Api_Reason_None = 0
Sm_Api_Reason_PwMustChange = 1
Sm_Api_Reason_InvalidSession = 2
Sm_Api_Reason_RevokedSession = 3
Sm_Api_Reason_ExpiredSession = 4
Sm_Api_Reason_AuthLevelTooLow = 5
Sm_Api_Reason_UnknownUser = 6
Sm_Api_Reason_UserDisabled = 7
Sm_Api_Reason_InvalidSessionId = 8
Sm_Api_Reason_InvalidSessionIp = 9
Sm_Api_Reason_CertificateRevoked = 10
Sm_Api_Reason_CRLOutOfDate = 11
Sm_Api_Reason_CertRevokedKeyCompromised = 12
Sm_Api_Reason_CertRevokedAffiliationChange = 13
Sm_Api_Reason_CertOnHold = 14
Sm_Api_Reason_TokenCardChallenge = 15
Sm_Api_Reason_ImpersonatedUserNotInDir = 16
Sm_Api_Reason_Anonymous = 17
Sm_Api_Reason_PwWillExpire = 18
Sm_Api_Reason_PwExpired = 19
Sm_Api_Reason_ImmedPWChangeRequired = 20
Sm_Api_Reason_PWChangeFailed = 21
Sm_Api_Reason_BadPWChange = 22
Sm_Api_Reason_PWChangeAccepted = 23
Sm_Api_Reason_ExcessiveFailedLoginAttempts = 24
Sm_Api_Reason_AccountInactivity = 25
Sm_Api_Reason_NoRedirectConfigured = 26
Sm_Api_Reason_ErrorMessageIsRedirect = 27
Sm_Api_Reason_Next_Tokencode = 28
Sm_Api_Reason_New_PIN_Select = 29
Sm_Api_Reason_New_PIN_Sys_Tokencode = 30
Sm_Api_Reason_New_User_PIN_Tokencode = 31
Sm_Api_Reason_New_PIN_Accepted = 32
Sm_Api_Reason_Guest = 33
Sm_Api_Reason_PWSelfChange = 34
Sm_Api_Reason_ServerException = 35
Sm_Api_Reason_UnknownScheme = 36
Sm_Api_Reason_UnsupportedScheme = 37
Sm_Api_Reason_Misconfigured = 38
Sm_Api_Reason_BufferOverflow = 39
Sm_Api_Reason_SetPersistentSessionFailed = 40
Sm_Api_Reason_UserLogout = 41
Sm_Api_Reason_IdleSession = 42
Sm_Api_Reason_PolicyServerEnforcedTimeout = 43
Sm_Api_Reason_PolicyServerEnforcedIdle = 44
Sm_Api_Reason_ImpersonationNotAllowed = 45
Sm_Api_Reason_ImpersonationNotAllowedUser = 46
Sm_Api_Reason_FederationNoLoginID = 47
Sm_Api_Reason_FederationUserNotInDir = 48
Sm_Api_Reason_FederationInvalidMessage = 49
Sm_Api_Reason_FederationUnacceptedMessage = 50
Sm_Api_Reason_ADnativeUserDisabled = 51
Sm_Api_Reason_ConfidenceLevelTooLow = 52
Sm_Api_Reason_DeviceBindRequired = 53
Sm_Api_Reason_StolenSession = 54
Sm_Api_Reason_InvalidCharInUserName = 55
Sm_Api_Reason_AuthChainProcessing = 56
Note: reason code (51) is a duplicate of Sm_Api_Reason_UserDisabled.
It is used only in the case where the registry key "IgnoreDefaultRedirectOnADnativeDisabled" is set, and an AD native disabled reason is found.
Since this value duplicates Sm_Api_Reason_UserDisabled, whenever that value is checked, this should probably be checked as well.
This value is only returned by SnDsLdapProvider::AuthenticateUser.
This has been incorporated into the documentation. Please visit Broadcom documentation for your version for updated information.
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/programming/sdks/programming-in-c/exported-enumerations.html