Page Access denied: Invalid User or Tenant
search cancel

Page Access denied: Invalid User or Tenant


Article ID: 173385


Updated On:


CASB Security Standard CASB Security Premium CASB Security Advanced CASB Gateway CASB Gateway Advanced CASB Securlet SAAS


Unable to access SaaS sites with CASB Gatelets enabled.

Page access denied: Invalid user or Tenant for unknown [email protected].

Or Domain OR Workstation \ Userid  is listed.

Or no user is listed.





  1. If there is a user in the error page, please make sure that the user:
    1. can be found in CASB User/users list
    2. the user is active in CASB

  2. If this is CASB Proxy Chaining, make sure the following are enabled in BOP by CASB Support:
    1. User Signaling (Agentless)
    2. Unauthorized User as Guest



No Guest user in CloudSOC.


In CloudSOC, Users page:

  1. Create the user "guest".
  2. Give that user an email address of [email protected]. ( is the primary domain in CASB) 

If no user is reported, but the invalid user or tenant exists.  Verify that SWG (formerly WSS) is not bypassing authentication.

If the Invalid User or Tenant reports a user as  Domain OR Workstation \ Userid  verify that the User has a SecondaryID in CloudSOC.