You are trying to register your DLP Custom REST CDS with the Secure Access Console and receive an unexpected error
search cancel

You are trying to register your DLP Custom REST CDS with the Secure Access Console and receive an unexpected error

book

Article ID: 270266

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for REST

Issue/Introduction

You have a new CDS in a Custom REST configuration, and are trying to register it using the token provided, and receive the following error:

Unexpected error 
Invalid request parameters: The DLP token is not valid, verify the integration token copied and placed properly.

 

You have already enrolled it in your Enforce Server, and the CDS connected in Enforce, with all its profiles loaded.

Environment

Release : 16.x-25.1

Cause

This usually arises because the ZTNA Tenant (Zero Trust Network Access, aka Secure Access Cloud) is in a different region than your DLP Cloud Detector (CDS).

E.g., ZTNA was provisioned in the EU, whereas the CDS was provisioned in the US, or vice versa.

Resolution

A Custom REST CDS integration in DLP with ZTNA or SAC has the following requirements:

  1. It must be an Enforce-Managed CDS for DLP (not Cloud-Managed).
  2. SAC and CDS need to be in the same region (US or EU).

Check to confirm Core Region for each tenant matches. If not, one of them will have to be decommissioned and replaced with a tenant so the regions match.

If the token has failed for any reason with the error shown in this article, a new token is required. Please contact Technical Support to obtain a new token for your configuration.

Additional Information

In one case the token error above failed because of a misconfigured filter in the Application Detection settings for a CloudSOC CDS. To confirm if that's the case, see Application Detection never changes "Sync Pending" status (broadcom.com).

 

Powered by Wolken Software