Page Access denied: Invalid User or Tenant.
search cancel

Page Access denied: Invalid User or Tenant.


Article ID: 173385


Updated On:


CASB Security Standard CASB Security Premium CASB Security Advanced CASB Gateway


Unable to access SaaS sites with CASB Gatelets enabled.

Page access Denied: Invalid user or Tenant for unknown [email protected]

Or DomainORWorkstation\userid  is not listed.

Or no user is listed.





CASB Proxy Chaining is enabled with:

  • User Signaling (Agentless)
  • Unauthorized User as Guest



No Guest user in CloudSOC.


In CloudSOC, Users page:

  1. Create the user "guest".
  2. Give that user an email address of [email protected] ( is the primary domain in CASB) 

If no user is reported, but the invalid user or tenant exists.  Verify that WSS is not bypassing authentication.

If the Invalid User or Tenant reports a user as  DomainORWorkstation\userid  verify the user exists as a SecondaryID in CloudSOC.