Unable to link accounts in Trellix ePO - SaaS Cloud Bridge (multifactor authentication enabled)

Technical Articles ID: KB93420
Last Modified: 2023-02-02 04:40:53 Etc/GMT

Environment

Trellix ePolicy Orchestrator (ePO) 5.10.x (on-premises)
Trellix ePO - SaaS Cloud Bridge (CB) 2.1, 2.0 extensions
Trellix ePO - SaaS

Summary

While integrating Trellix Insights into ePO on-premises, you're unable to link the Trellix ePO - SaaS account in the Trellix ePO - SaaS Cloud Bridge settings page. You follow the steps outlined in the section "Configure Trellix ePO - SaaS Cloud Bridge" in the Trellix Insights Product Guide.

You see the error below in the ePO console:

Unable to get access/registration token from IAM service for the provided account credentials. See orion.log for
details.

You see the error below in the Orion.log file:

ERROR [http-abc-9085-exec-102] registration.RegistrationProxyImpl - getAccessToken received HTTP status 401. IAM URL: https://iam.mcafee-cloud.com/iam/v1.0/token msgBody: grant_type=password&scope=epo.reg_token&username=abc.def%40test.com&password=********&client_id=0oawz1wagXnxG7lUr2p6

ERROR [http-abc-9085-exec-102] action.CloudBridgeServerSettingsAction - Cloud Bridge registration failed, IAM error code: 401 "Token Endpoint: Password grant: Error: invalid_grant - Resource owner password credentials authentication denied by sign on policy."
com.mcafee.epo.cloudbridge.RegistrationException: Could not get access token from IAM service with scope(s) epo.reg_token.

Cause

Multifactor authentication is enabled for the Trellix ePO - SaaS user account. Multifactor authentication is used to link to the Trellix ePO - SaaS Cloud Bridge and Trellix ePO - SaaS Migration extension.

When configured with two-factor authentication, these connectors can't authenticate to the Trellix ePO - SaaS resources and obtain an access token.

Solution 1

This issue is scheduled to be resolved in Trellix ePO - SaaS Cloud Bridge 2.2, which isn't currently available.

NOTE: Any future product functionality or releases mentioned in the Knowledge Base are intended to outline our general product direction and should not be relied on, either as a commitment, or when making a purchasing decision.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

To receive information about product updates, sign up for the Support Notification Service.

Solution 2

Other issues are documented that incur the same errors, but have a different cause and solution.

These issues are collated in KB94931 - Troubleshooting unable to link accounts in Trellix ePO - SaaS Cloud Bridge.

Workaround

Disable Multifactor authentication in Trellix ePO - SaaS:

Open Trellix ePO - SaaS.
Click Menu, Configuration, Users & Roles.
Disable the Multi-factor Authentication option.
Deselect Require Multi-Factor Authentication in the upper-right corner.
Close the Trellix ePO - SaaS browser or log off.
Open and log in to Trellix ePO - SaaS with the account used to link to the Trellix ePO - SaaS Cloud Bridge.
Click the people icon at the top right and select My Profile.
Disable the user profile Two-Factor Authentication.
Click Save Changes.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

Unable to link accounts in Trellix ePO - SaaS Cloud Bridge (multifactor authentication enabled)

Environment

Summary

Cause

Solution 1

Solution 2

Workaround

Affected Products

Languages:

Title

Title

Knowledge Center

Unable to link accounts in Trellix ePO - SaaS Cloud Bridge (multifactor authentication enabled)

Environment

Summary

Cause

Solution 1

Solution 2

Workaround

Affected Products

Languages:

Choose your region

Title

Title