1. SecureAuth Support
  2. Support Documentation
  3. IdP Knowledge Base Articles

QR and/or URL Enrollments fail with a 'qrProvision verify exception' error

Follow
Avatar
Ben Watts
    Applies to:
  • SecureAuth Identity Platform
Deployment model:
  • Hybrid

    • Version Affected:  24.04 RU2/3

    Description:  
    Enrollments fail and throw the below error in the Error logs

    Classic Realms

    qrProvision verify exception: The settings property 'OATHToken' was not found.

    New Experience Realms

    qrProvision verify exception: Object reference not set to an instance of an object.


    Cause:  
    This specific error has been seen when the web.config is missing Properties, see - https://support.secureauth.com/hc/en-us/articles/33464139151892-Authentication-failures-throwing-The-settings-property-xxxxx-was-not-found

    If that has been confirmed to not be the situation, another potential cause of this is due to a bug in the product whilst the Enrollment Realm(s) (URL or QR) Authentication is carried out via Windows SSO (IWA)

    The issue has been seen within the below versions, this is not an exhaustive list and therefore it could be present in other versions/builds
    24.4.2 Build 5
    24.4.3 Build 10

    This is being looked at within - EE-3741
     

    Resolution:  
    If the problem is corrected after disabling Windows SSO and using FBA to authenticate into the Realm, the environment is affected by this specific bug.
    A fix is currently going through QA (July 2025)
    Once the fix has been released for general availability, this KB will be updated with the Versions/RU level the fix is included in
     

    Workarounds:
    We strongly recommend waiting and upgrading to a version with the fix present, if a Workaround is required until that point, either of the below options can be used

    • Disable IWA for the Enrollment Realms
    • Contact Support - an updated DLL can be made available if necessary but this is only for 24.4.3 Build 10

     

     

    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.

    Related articles

    Links:

    Identity Platform Documentation Portal
    Identity Platform Product Lifecycle Policy
    Global Support Policy

    Contact Support:

    Submit a Ticket
    Identity Platform Support: (866) 859-1526