Associate your Cloud Identity Engine tenant with other Palo Alto Networks apps to
allow them to reference your directory data.
| Where Can I Use This? | What Do I Need? |
|---|
|
| The Cloud Identity Engine service is free; however, the
enforcement points utilizing directory data may require specific
licenses. Click here for more
information. |
The following procedures describe the steps for the support account view in
the Hub. If you are using the tenant account view, association is not
necessary for a tenant service group (
TSG). For more information, refer
to the
Hub Getting Started guide.
By associating your Cloud Identity Engine tenants with other Palo Alto Networks apps,
you can allow these apps and services to access your directory information for
reporting and policy enforcement. You can associate the Cloud Identity Engine tenant
with another app during activation or with an existing app at any time.
To share user attributes with multiple apps, associate the same Cloud Identity
Engine tenant with each app.
Associate the Cloud Identity Engine During Activation
Learn how to associate the Cloud Identity Engine with
other Palo Alto Networks apps during tenant activation.
The following procedures describe the steps for
the support account view in the Hub. If you are using the tenant
account view, association is not necessary for a tenant service
group (
TSG). For more information,
refer to the
Hub Getting Started guide.
Using your Auth Code,
activate the Palo Alto
Networks cloud app you want to associate with the Cloud Identity
Engine tenant.
Enter the information required to activate the application, such
as an
Instance Name and a
Region,
which will vary depending on the app.
Select the
Cloud Identity Engine tenant
you want to associate with the app.
Only
Cloud Identity Engine tenants that are compatible with the Palo
Alto Networks cloud application are displayed in the drop-down list.
For example, a Cloud Identity Engine tenant assigned to the US region
would be compatible with another Palo Alto Networks cloud service
app assigned to the US region. If the Cloud Identity Engine field
is not available, the Palo Alto Networks cloud services app you
selected does not support the Cloud Identity Engine.
Agree and Activate the app.
Associate the Cloud Identity Engine with an Existing App
Learn how to associate the Cloud Identity Engine with
an existing app on the hub.
The following procedures describe the steps for
the support account view in the Hub. If you are using the tenant
account view, association is not necessary for a tenant service
group (
TSG). For more information,
refer to the
Hub Getting Started guide.
Log in to the hub, click
Settings (
) then
Manage
Apps.
Select the app you want to associate with the Cloud Identity Engine
tenant.
Select the
Cloud Identity Engine tenant
you want to associate with the app and click
OK.
Only Cloud
Identity Engine tenants that are compatible with the Palo Alto Networks
cloud application are displayed in the drop-down list. For example,
a Cloud Identity Engine tenant assigned to the US region would be
compatible with another Palo Alto Networks cloud service app assigned
to the US region. If the Cloud Identity Engine field is not available,
the Palo Alto Networks cloud services app you selected does not
support the Cloud Identity Engine.
After you associate the
app, the Cloud Identity Engine tenant name displays in the Cloud
Identity Engine column in the hub ().
