Technical Tip: FortiSOAR Kaspersky Security Center Connector Fails with Access Denied

calvinc97 · ‎07-14-2025

Description

This article describes how to resolve the Kaspersky Security Center Connector Fails with Access Denied in FortiSOAR.

Scope

FortiSOAR.

Solution

When integrating FortiSOAR with Kaspersky Security Center (KSC) using the official FortiSOAR connector, users may encounter the following error during operations such as querying host information:

{
"code": 1184,
"file": "c:\\a\\cl\\e_1358jnaff\\r\\product\\osmp\\ksc\\dev\\server\\srvinst\\srvinst.cpp",
"line": 3756,
"message": "Access denied",
"module": "KLSTD",
"subcode": 0
}

This prevents FortiSOAR from retrieving details about endpoints managed by Kaspersky Security Center.

This issue occurs because the API user account configured for the integration in Kaspersky Security Center does not have sufficient permissions to access the endpoint host data.

By default, Kaspersky Security Center requires explicit role-based access rights. Without the proper permissions on:

Managed devices.
Administration server objects (computers, events, protection status).

The connector will receive an Access Denied response when attempting to retrieve host details.

Solution:

Ensure the scope of the role includes all administration groups (device groups) FortiSOAR needs to query.
Otherwise, even with Read permissions, the user will receive an Access Denied if trying to list devices in an unassigned group.

Technical Tip: FortiSOAR Kaspersky Security Center Connector Fails with Access Denied

You are leaving our website