Hi All,
I am facing some challenges when I try to setup cloud app security for O365. My requirement is block download contains from Exchange online. however When I tried to Connect O365app with CAS and try to create Conditional Access policy I am facing below challenges,
First I try to connect the O365 as a collaboration app. I was able to connect the app but after sometime there is below error message as "connection error"
Get Users: Success
Get Events: HttpRequestFailureWithBody: Server returned: 400 Bad Request
[Cache-Control: no-cache, Pragma: no-cache, Content-Type: application/json; charset=utf-8, Expires: -1, Server: Microsoft-IIS/10.0, X-AspNet-Version: 4.0.30319, X-Powered-By: ASP.NET, Date: Thu, 22 Apr 2021 10:10:32 GMT, Content-Length: 1685]
{"error":{"code":"StartSubscription [CorrId=11b62ec9-9a31-40f5-9a6c-794f68942a82][TenantId=f008ce7d-c1cf-4ea8-8283-6d85de84f725,ContentType=Audit.SharePoint,ApplicationId=05a65629-4c1b-48c1-a78b-804c4abdd4af,PublisherId=00000000-0000-0000-0000-000000000000][AppId","message":"5a65629-4c1b-48c1-a78b-804c4abdd4af] failed. Exception: Microsoft.Office.Compliance.Audit.DataServiceException: Tenant f008ce7d-c1cf-4ea8-8283-6d85de84f725 does not exist.\r\n at Microsoft.Office.Compliance.Audit.API.AzureManager.<GetSubscriptionTableClientForTenantAsync>d_51.MoveNext() in d:\\dbs\\sh\\nibr\\0414_212145_1\\cmd\\5\\sources\\dev\\auditing\\src\\auditapiservice\\common\\AzureManager.cs:line 1986\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at Microsoft.Office.Compliance.Audit.API.AzureManager.<GetAPISubscriptionAsync>d22.MoveNext() in d:\\dbs\\sh\\nibr\\0414_212145_1\\cmd\\5\\sources\\dev\\auditing\\src\\auditapiservice\\common\\AzureManager.cs:line 523\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at Microsoft.Office.Compliance.Audit.API.StartController.<StartSubscription>d_0.MoveNext() in d:\\dbs\\sh\\nibr\\0414_212145_1\\cmd\\o\\sources\\dev\\auditing\\src\\auditapiservice\\apifrontendservicerole\\Controllers\\StartController.cs:line 76"}}

again when I try to create Conditional access policy it was stuck in "validating policy" stage forever.

FYI, I am on fully cloud. basically AzureAD + Exchange online. we don't have any on-prem servers.
appreciate the help.
Thanks,
Dilan