Revoke Cloud Identity Engine Permissions for Azure Active
Directory
Learn how to revoke permissions for the Cloud Identity
Engine to access your Azure Active Directory (AD).
If you want to revoke the permissions for
the Cloud Identity Engine to access your Azure Active Directory
(AD), delete the directory in your Cloud Identity Engine tenant
and delete the application from the Azure Portal.
To revoke
permissions for an Azure AD from the Cloud Identity Engine, you
must have at least the following role privileges in Azure AD: Application
Administrator and Cloud Application Administrator. For more information about
roles in Azure AD, refer to the following link.
Delete the
directory from your Cloud Identity Engine tenant.
Log in to the Azure Portal with your
administrator credentials.
Select
Azure Active Directory
.
In the
Manage
section, select
Enterprise
applications
.
In the
Manage
section, select
All
applications
then select
Palo Alto Networks
Cloud Identity Engine
.
In the
Manage
section, select
Properties
.
Delete
the application and click
Yes
to
confirm.
When
you confirm, the Cloud Identity Engine can no longer access this
Azure AD.