SecureAuth IdP Version Affected: 9.2
Description: After upgrading to 9.2, adaptive auth settings do not save.
Cause: The Admin Api and AnalyzeAPI realms are running with a different AnalyzeAPIAppID and AppKey to the rest of the realms.
Check a few realms to see if it is one realm with the problem or all realms.
If it is one realm, you'll need to match the AnalyzeApiAppId ,AnalyzeApiAppKey and servercertsn from a working realm to the broken realm.
If all realms fail, update the Admin Api and Analyze Api realms with the correct AppID and AppKey and servercertcn
1. Open the Admin Console
2. Click Tools | Decrypt Web Config
3. Select "Admin Api" "Analyze Api" and the realm you're trying to update and click Decrypt
4. Navigate to D:\SecureAuth\AnalyzeApi and take a backup of the Web.config
5. Navigate to D:\SecureAuth\Api and take a backup of the Web.config
6. Open D:\SecureAuth\SecureAuthX\web.config and make a note of the AnalyzeApiAppId ,AnalyzeApiAppKey and servercertsn
7. Edit D:\SecureAuth\AnalyzeApi\Web.config
8. Match the AnalyzeApiAppId to Api.AppId ,
AnalyzeApiAppKey to Api.AppKey
ServerCertSN and ServerCertSN
9. Repeat this for D:\SecureAuth\Api\Web.config
Special Considerations (optional as needed): If following the above steps still does not work, verify that the machineKey key in SecureAuth0\web.config is an exact match with API\web.config
If elements are missing in one of the web.configs, you may encounter the following error in AdminApiLogs:
And still see that Adaptive Authentication Threat Services are missing, nor can you save Adaptive Authentication settings. If so, please go back and make sure the Forms name and machineKey elements match between the 2 web.configs.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.