Configure Azure Active Directory
Table of Contents
Expand all | Collapse all
-
- Cloud Identity Engine Attributes
- Collect Custom Attributes with the Cloud Identity Engine
- View Directory Data
- Cloud Identity Engine User Context
- Create a Cloud Dynamic User Group
- Configure Third-Party Device-ID
- Configure an IP Tag Cloud Connection
- Configure Dynamic Privilege Access in the Cloud Identity Engine
- Configure Security Risk for the Cloud Identity Engine
-
-
- Configure Azure as an IdP in the Cloud Identity Engine
- Configure Okta as an IdP in the Cloud Identity Engine
- Configure PingOne as an IdP in the Cloud Identity Engine
- Configure PingFederate as an IdP in the Cloud Identity Engine
- Configure Google as an IdP in the Cloud Identity Engine
- Configure a SAML 2.0-Compliant IdP in the Cloud Identity Engine
- Configure a Client Certificate
- Configure an OIDC Authentication Type
- Set Up an Authentication Profile
- Configure Cloud Identity Engine Authentication on the Firewall or Panorama
- Configure the Cloud Identity Engine as a Mapping Source on the Firewall or Panorama
- Configure Dynamic Privilege Access in the Cloud Identity Engine
-
- Get Help
Configure Azure Active Directory
Learn how to configure an Azure Active Directory (Azure AD) in the Cloud Identity
Engine.
After you configure your Azure AD, you can reconnect or edit the
configuration or revoke permissions for directory removal. You can also use the
client credential flow as an alternative to the CIE Enterprise app connection flow
type or Configure SCIM Connector for the Cloud Identity Engine to specify which attributes the Cloud
Identity Engine collects from your Azure AD. You can also Configure Azure as an IdP in the Cloud Identity Engine for user authentication.
To view the
attributes that the Cloud Identity Engine collects from your Azure AD for user
identification, see Azure Active Directory. You can also optionally Collect Custom Attributes with the Cloud Identity Engine if you use custom attributes in your directory.
- Set Up Azure Directory—Learn how to configure your Azure AD in the Cloud Identity Engine to collect attributes using the CIE Enterprise app, which is strongly recommended by Palo Alto Networks.
- Reconnect or Edit Azure Active Directory—If there is a disconnection between your Azure AD and the Cloud Identity Engine (for example, if a directory is unavailable or for troubleshooting purposes), you can reconnect or edit your configuration.
- Revoke Cloud Identity Engine Permissions for Azure Active Directory—If you no longer use a directory with the Cloud Identity Engine, you can revoke the permissions for the Cloud Identity Engine to access the directory.
- Configure Azure Using the Client Credential Flow—To allow your Azure AD and the Cloud Identity Engine to communicate, you can configure the client credential flow as an alternative connection flow type.