Carbon Black API Giving 401 error_code:"UNAUTHENTICATED" message:Principal is not authenticated
search cancel

Carbon Black API Giving 401 error_code:"UNAUTHENTICATED" message:Principal is not authenticated

book

Article ID: 407469

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter) Carbon Black Cloud Audit and Remediation (formerly Cb Live Ops) Carbon Black Cloud Prevention

Issue/Introduction

Since August 1, API responses have given the a 401 with:

"error_code":"UNAUTHENTICATED","message":"Principal is not authenticated

Environment

  • Carbon Black Cloud

Cause

You are seeing this message because your organization uses SAML to authenticate with Carbon Back Cloud and the Super Admin did not migrate the org to Authhub by the June 16, 2025 deadline. All authentication was disabled.

Resolution

  1. Have your organization’s Super Admin open a Technical Case
  2. Broadcom Support will need to be engaged to help manually migrate the org to Authhub and re-enable authentication.
Powered by Wolken Software