Please enter search query.
Search <product_name> all support & community content...
Article: 100050015
Last Published: 2025-09-11
Ratings: 0 0
Product(s): Alta SaaS Protection
Description
Whether you are using seamless or link-based stubbing (or both) in your Cohesity Alta SaaS Protection (CASP) environment, you may encounter scenarios where users open a stubbed item because of failed authorization.
Keep in mind that CASP performs a data-level security check in the cloud before it satisfies any retrieval request. For this check to happen, CASP must know the user account and verify it against the permissions on the file. Thus, users' accounts must be domain accounts and be synchronized, and the user must be in the item's ACL, in order for authorization to succeed.
In the Admin Portal's Administration app, you can see a history of user accounts that have failed retrieval attempts.
If you wish to allow any of the accounts, simply select the checkbox beside their name and click the ' Allow list selected users...' button.
NOTE: Allowlisting may not be sufficient in all cases. For example, if the user has access by virtue of some local group, Allowlisting the user will not permit them to have access since CASP has no knowledge of local group expansions.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.