While integrating Trellix Insights into ePO on-premises, you're unable to link the Trellix ePO - SaaS account in the Trellix ePO - SaaS Cloud Bridge settings page. You follow the steps outlined in the section "Configure Trellix ePO - SaaS Cloud Bridge" in the
Trellix Insights Product Guide.
You see the error below in the ePO console:
Unable to get access/registration token from IAM service for the provided account credentials. See orion.log for
details.
You see the error below in the
Orion.log file:
ERROR [http-abc-9085-exec-102] registration.RegistrationProxyImpl - getAccessToken received HTTP status 401. IAM URL: https://iam.mcafee-cloud.com/iam/v1.0/token msgBody: grant_type=password&scope=epo.reg_token&username=abc.def%40test.com&password=********&client_id=0oawz1wagXnxG7lUr2p6
ERROR [http-abc-9085-exec-102] action.CloudBridgeServerSettingsAction - Cloud Bridge registration failed, IAM error code: 401 "Token Endpoint: Password grant: Error: invalid_grant - Resource owner password credentials authentication denied by sign on policy."
com.mcafee.epo.cloudbridge.RegistrationException: Could not get access token from IAM service with scope(s) epo.reg_token.