You receive an error using a token to connect your DLP Cloud Detector to CASB
search cancel

You receive an error using a token to connect your DLP Cloud Detector to CASB

book

Article ID: 219887

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Package Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for REST

Issue/Introduction

You are trying to connect your DLP Cloud Detection Service to the Symantec CloudSOC, and have received a token as part of your DLP welcome package.

However, when using the token in the CloudSOC UI, you are getting an error that doesn't allow the registration to complete.

Environment

DLP Cloud Detection Service (aka "CDS")

Symantec CloudSOC (aka "CASB")

Resolution

There are a few token-specific errors which indicate an expired token, use of an incorrect token, or an incomplete profile on the DLP Cloud Detector (which also prevents registration in CASB for a new DLP Detector).

 

If the token is actually expired

Invalid Token Specified error received when integrating DLP and CloudSOC (broadcom.com)

 

If the profile on the DLP Cloud Detector is incomplete, it will throw this error:

You receive an error when registering your DLP service with CASB: "either host or url field is required" (broadcom.com)

 

If you were converting a CASB CIQ setup to the Enforce Managed DLP one, and you receive an error that one is "already added":

Error: "Appliance with similar connection parameters is already added" when creating new DLP Cloud Detection Service entry in the CloudSOC (broadcom.com)

 

If the Appliance is not already "Enabled":

Error in CASB "DLP should be enabled when activating DLP appliance." (broadcom.com)

 

DLP Support can help ascertain whether a token has expired, and can reissue a new token if one is required.