Revoke Cloud Identity Engine Permissions for Azure Active Directory
Table of Contents
Expand all | Collapse all
-
- cloud-identity-engine-attributes
- Collect Custom Attributes with the Cloud Identity Engine
- View Directory Data
- Cloud Identity Engine User Context
- Create a Cloud Dynamic User Group
- Configure Third-Party Device-ID
- Configure an IP Tag Cloud Connection
- Configure Dynamic Privilege Access in the Cloud Identity Engine
- Configure Security Risk for the Cloud Identity Engine
-
-
- Configure Azure as an IdP in the Cloud Identity Engine
- Configure Okta as an IdP in the Cloud Identity Engine
- Configure PingOne as an IdP in the Cloud Identity Engine
- Configure PingFederate as an IdP in the Cloud Identity Engine
- Configure Google as an IdP in the Cloud Identity Engine
- Configure a SAML 2.0-Compliant IdP in the Cloud Identity Engine
- Configure a Client Certificate
- Configure an OIDC Authentication Type
- Set Up an Authentication Profile
- Configure Cloud Identity Engine Authentication on the Firewall or Panorama
- Configure the Cloud Identity Engine as a Mapping Source on the Firewall or Panorama
- Configure Dynamic Privilege Access in the Cloud Identity Engine
-
- Get Help
Revoke Cloud Identity Engine Permissions for Azure Active Directory
Learn how to revoke permissions for the Cloud Identity
Engine to access your Azure Active Directory (AD).
If you want to revoke the permissions for
the Cloud Identity Engine to access your Azure Active Directory
(AD), delete the directory in your Cloud Identity Engine tenant
and delete the application from the Azure Portal.
To revoke
permissions for an Azure AD from the Cloud Identity Engine, you
must have at least the following role privileges in Azure AD: Application
Administrator and Cloud Application Administrator. For more information about
roles in Azure AD, refer to the following link.
- Delete the directory from your Cloud Identity Engine tenant.Log in to the Azure Portal with your administrator credentials.Select Azure Active Directory.In the Manage section, select Enterprise applications.In the Manage section, select All applications then select Palo Alto Networks Cloud Identity Engine.In the Manage section, select Properties.Delete the application and click Yes to confirm.When you confirm, the Cloud Identity Engine can no longer access this Azure AD.