: Revoke Cloud Identity Engine Permissions for Azure Active Directory
Focus
Focus

Revoke Cloud Identity Engine Permissions for Azure Active Directory

Table of Contents

Revoke Cloud Identity Engine Permissions for Azure Active Directory

Learn how to revoke permissions for the Cloud Identity Engine to access your Azure Active Directory (AD).
If you want to revoke the permissions for the Cloud Identity Engine to access your Azure Active Directory (AD), delete the directory in your Cloud Identity Engine tenant and delete the application from the Azure Portal.
To revoke permissions for an Azure AD from the Cloud Identity Engine, you must have at least the following role privileges in Azure AD: Application Administrator and Cloud Application Administrator. For more information about roles in Azure AD, refer to the following link.
  1. Delete the directory from your Cloud Identity Engine tenant.
  2. Log in to the Azure Portal with your administrator credentials.
  3. Select Azure Active Directory.
  4. In the Manage section, select Enterprise applications.
  5. In the Manage section, select All applications then select Palo Alto Networks Cloud Identity Engine.
  6. In the Manage section, select Properties.
  7. Delete the application and click Yes to confirm.
    When you confirm, the Cloud Identity Engine can no longer access this Azure AD.