Skip to main content
KevinCanalichio
KevinCanalichio
New Member
March 26, 2021
Question

Fortisiem - Azure Government Cloud

  • March 26, 2021
  • 3 replies
  • 3159 views
Has anyone had a luck connecting the SEIM to the azure government cloud at azure.us  All the fortisiem APIs appears to go to azure.com and I get the following error

Confidential Client is not supported in Cross Cloud request.\r\nTrace ID: a5167bd1-ce86-45ab-a7d6-f1db1a16f600\r\nCorrelation ID: 3c191a9b-f2ef-4573-9c73-dbef821e55fd\r\nTimestamp: 2021-03-02 16:52:49Z","error_codes":[900382],"timestamp":"2021-03-02 16:52:4

Which would seem to show that my credentials are not in the azure.com domain. And there doesn't appear to be able redirection to the azure.us domain.

I have hacked the database to replace azure.com with azure.us, portal.azure.us, and various other urls but that didn't work either in the below documents
https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-sovereign-domain
https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers


Any help would be appriciated

    3 replies

    FSM_FTNT
    Staff
    FSM_FTNT
    Staff
    March 26, 2021
    Hi Kevin,

    I'm aware of an issue with this GCC integration and working to address it.

    Will revert back ASAP.

    Thanks

    Dan

    ------------------------------
    Daniel
    FortiSIEM Product Manager
    ------------------------------
    -------------------------------------------
    Original Message:
    Sent: Mar 26, 2021 08:18 AM
    From: Kevin Canalichio
    Subject: Fortisiem - Azure Government Cloud

    Has anyone had a luck connecting the SEIM to the azure government cloud at azure.us  All the fortisiem APIs appears to go to azure.com and I get the following error

    Confidential Client is not supported in Cross Cloud request.\r\nTrace ID: a5167bd1-ce86-45ab-a7d6-f1db1a16f600\r\nCorrelation ID: 3c191a9b-f2ef-4573-9c73-dbef821e55fd\r\nTimestamp: 2021-03-02 16:52:49Z","error_codes":[900382],"timestamp":"2021-03-02 16:52:4

    Which would seem to show that my credentials are not in the azure.com domain. And there doesn't appear to be able redirection to the azure.us domain.

    I have hacked the database to replace azure.com with azure.us, portal.azure.us, and various other urls but that didn't work either in the below documents



    https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-sovereign-domain
    https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers


    Any help would be appriciated
    KenMick
    Staff
    KenMick
    Staff
    March 26, 2021
    Hi Kevin,

    I would urge you to contact FortiSIEM Support for more information on this.  I am not 100% sure, but I suspect that this isn't supported at the moment.  Once Support becomes aware of this, they can file a feature request on your behalf.

    Thanks!-------------------------------------------
    Original Message:
    Sent: Mar 26, 2021 08:18 AM
    From: Kevin Canalichio
    Subject: Fortisiem - Azure Government Cloud

    Has anyone had a luck connecting the SEIM to the azure government cloud at azure.us  All the fortisiem APIs appears to go to azure.com and I get the following error

    Confidential Client is not supported in Cross Cloud request.\r\nTrace ID: a5167bd1-ce86-45ab-a7d6-f1db1a16f600\r\nCorrelation ID: 3c191a9b-f2ef-4573-9c73-dbef821e55fd\r\nTimestamp: 2021-03-02 16:52:49Z","error_codes":[900382],"timestamp":"2021-03-02 16:52:4

    Which would seem to show that my credentials are not in the azure.com domain. And there doesn't appear to be able redirection to the azure.us domain.

    I have hacked the database to replace azure.com with azure.us, portal.azure.us, and various other urls but that didn't work either in the below documents



    https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-sovereign-domain
    https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers


    Any help would be appriciated
    KevinCanalichio
    KevinCanalichioAuthor
    New Member
    March 26, 2021
    I opened this ticket with them over 3 week ago. And have gotten nowhere so I figured I'd reach out the the community-------------------------------------------
    Original Message:
    Sent: Mar 26, 2021 09:15 AM
    From: Ken Mickeletto
    Subject: Fortisiem - Azure Government Cloud

    Hi Kevin,

    I would urge you to contact FortiSIEM Support for more information on this.  I am not 100% sure, but I suspect that this isn't supported at the moment.  Once Support becomes aware of this, they can file a feature request on your behalf.

    Thanks!
    Original Message:
    Sent: Mar 26, 2021 08:18 AM
    From: Kevin Canalichio
    Subject: Fortisiem - Azure Government Cloud

    Has anyone had a luck connecting the SEIM to the azure government cloud at azure.us  All the fortisiem APIs appears to go to azure.com and I get the following error

    Confidential Client is not supported in Cross Cloud request.\r\nTrace ID: a5167bd1-ce86-45ab-a7d6-f1db1a16f600\r\nCorrelation ID: 3c191a9b-f2ef-4573-9c73-dbef821e55fd\r\nTimestamp: 2021-03-02 16:52:49Z","error_codes":[900382],"timestamp":"2021-03-02 16:52:4

    Which would seem to show that my credentials are not in the azure.com domain. And there doesn't appear to be able redirection to the azure.us domain.

    I have hacked the database to replace azure.com with azure.us, portal.azure.us, and various other urls but that didn't work either in the below documents



    https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-sovereign-domain
    https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers


    Any help would be appriciated
    RobertEvans
    RobertEvans
    New Member
    March 26, 2021
    Hi Kevin,

    Which integration did you try to configure? The office365 Management API has been fixed for this issue in v6.2 of FortiSIEM, allowing the .com and .us endpoints for Azure GCC and Azure GCC High.

    Azure GCC Login: login.microsoftonline.com
    Azure GCC API: manage-gcc.office.com

    Azure GCC High Login: login.microsoftonline.us
    Azure GCC High API: manage.office365.us

    If you are using another Azure integration type other than Office 365 let me know which one that is. 

    Thanks,-------------------------------------------
    Original Message:
    Sent: Mar 26, 2021 09:30 AM
    From: Kevin Canalichio
    Subject: Fortisiem - Azure Government Cloud

    I opened this ticket with them over 3 week ago. And have gotten nowhere so I figured I'd reach out the the community
    Original Message:
    Sent: Mar 26, 2021 09:15 AM
    From: Ken Mickeletto
    Subject: Fortisiem - Azure Government Cloud

    Hi Kevin,

    I would urge you to contact FortiSIEM Support for more information on this.  I am not 100% sure, but I suspect that this isn't supported at the moment.  Once Support becomes aware of this, they can file a feature request on your behalf.

    Thanks!
    Original Message:
    Sent: Mar 26, 2021 08:18 AM
    From: Kevin Canalichio
    Subject: Fortisiem - Azure Government Cloud

    Has anyone had a luck connecting the SEIM to the azure government cloud at azure.us  All the fortisiem APIs appears to go to azure.com and I get the following error

    Confidential Client is not supported in Cross Cloud request.\r\nTrace ID: a5167bd1-ce86-45ab-a7d6-f1db1a16f600\r\nCorrelation ID: 3c191a9b-f2ef-4573-9c73-dbef821e55fd\r\nTimestamp: 2021-03-02 16:52:49Z","error_codes":[900382],"timestamp":"2021-03-02 16:52:4

    Which would seem to show that my credentials are not in the azure.com domain. And there doesn't appear to be able redirection to the azure.us domain.

    I have hacked the database to replace azure.com with azure.us, portal.azure.us, and various other urls but that didn't work either in the below documents



    https://docs.microsoft.com/en-us/azure/developer/python/azure-sdk-sovereign-domain
    https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers


    Any help would be appriciated
    itmotetocka
    itmotetocka
    New Member
    September 13, 2023

    Hey Kevin,

     

    I've encountered a similar challenge when attempting to connect Fortisiem to the Azure Government Cloud. The error message you're seeing indicates a "Confidential Client is not supported in Cross Cloud request," which suggests that your credentials might indeed not be within the azure.com domain. This issue can be quite perplexing, but fret not, there's a solution.

     

    My recommendation is to ensure that you're using the appropriate Azure Government endpoints and URLs in your configuration. Instead of hacking the database, try checking your Fortisiem setup and make sure you're using the azure.us, portal.azure.us, and other relevant URLs throughout the configuration.

     

    Also, check if you need to adjust the authentication method to align with the Azure Government Cloud requirements. It's essential to follow Azure Government's specific guidelines for API calls.

    I faced a similar problem a while back, and once I aligned my configuration with the correct endpoints, the issue was resolved. Remember that staying in sync with Azure Government's unique requirements is key.

    Terms & ConditionsAccessibility statement