Activate the Cloud Identity Engine

Log in to the hub.
If you don’t see the Cloud Identity Engine, verify that you are using the tenant view then click
Explore Apps from Palo Alto Networks
.
Activate
the Cloud Identity Engine.
If the
Activate
button is not available, ensure your role has the necessary privileges. For more information about Cloud Identity Engine roles, refer to Manage Cloud Identity Engine App Roles.
The Cloud Identity Engine supports alphanumeric characters, underscores (_), hyphens (-), and periods (.) for the tenant name.

Select the information for your Cloud Identity Engine tenant.
Select the

Customer Support Account

for the tenant.



Select the

Region

where the tenant is located.

If you want to configure an on-premises Active Directory for the Cloud Identity Engine, the region you select must match the region info you enter for the

Cloud Identity Engine

in the Cloud Identity Configuration when you Configure the Cloud Identity Agent.



After you

Agree to the Terms and Conditions

, click

Activate Now

to activate your Cloud Identity Engine tenant.


Open
the Cloud Identity Engine app to begin configuring your Cloud Identity Engine app.
Depending on whether you want to use the Cloud Identity Engine for user identification, user authentication, or both, complete the following initial configuration tasks to begin using the Cloud Identity Engine for user visibility and policy enforcement. For more information, refer to Set Up the Cloud Identity Engine.
Choose Your Directory Type—Set up a directory to allow the Cloud Identity Engine to collect information for user visibility and policy enforcement.
Authenticate Users with the Cloud Identity Engine—Configure an authentication method to support user authentication with the Cloud Identity Engine.