Invalid Token Specified error received when integrating DLP and CloudSOC
search cancel

Invalid Token Specified error received when integrating DLP and CloudSOC

book

Article ID: 175396

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced CASB Securlet SAAS With DLP-CDS CASB Securlet SAAS

Issue/Introduction

Error message: "Invalid Token Specified" when adding the CDS connector to CloudSOC (aka "CASB").

Environment

DLP Cloud Detection Service (aka "CDS")

Symantec CloudSOC (aka "CASB")

Cause

"Invalid Token" can mean that the token provided has expired, however, the token provided for registering a DLP Cloud Detector with your CASB service is valid for 90 days.

Resolution

DLP Support can help ascertain whether a token has expired, and can reissue a new token if one is required. 

It is worth noting that the old format was simply a GUID for each token. That was changed (in the spring of 2021), and a proper token for registration now also includes the DetectorID for the Cloud Detector:

<TokenGUID>:<DetectorID>

 

Contact DLP support if you have questions about the token not working for the CASB registration of your DLP Cloud Detector. 

Additional Information

There are a few token-specific errors which indicate an expired token, use of an incorrect token, or an incomplete profile on the DLP Cloud Detector (which also prevents registration in CASB for a new DLP Detector).

Here is a landing page for other errors which can occur when attempting to register a DLP Detector with CASB:

You receive an error using a token to connect your DLP Cloud Detector to CASB (broadcom.com)