Revoke Cloud Identity Engine Permissions for Azure Active Directory

Learn how to revoke permissions for the Cloud Identity Engine to access your Azure Active Directory (AD).
If you want to revoke the permissions for the Cloud Identity Engine to access your Azure Active Directory (AD), delete the directory in your Cloud Identity Engine instance and delete the application from the Azure Portal.
To revoke permissions for an Azure AD from the Cloud Identity Engine, you must have at least the following role privileges in Azure AD: Application Administrator and Cloud Application Administrator. For more information about roles in Azure AD, refer to the following link.
  1. Delete the directory from your Cloud Identity Engine instance.
  2. Log in to the Azure Portal with your administrator credentials.
  3. Select
    Azure Active Directory
    .
  4. In the
    Manage
    section, select
    Enterprise applications
    .
  5. In the
    Manage
    section, select
    All applications
    then select
    Palo Alto Networks Cloud Identity Engine
    .
  6. In the
    Manage
    section, select
    Properties
    .
  7. Delete
    the application and click
    Yes
    to confirm.
    When you confirm, the Cloud Identity Engine can no longer access this Azure AD.

Recommended For You