Who Can Use Common Services: Identity & Access?
Table of Contents
Expand all | Collapse all
-
- Add an Identity Federation
- Manually Configure a SAML Identity Provider
- Upload SAML Identity Provider Metadata
- Get the URL of a SAML Identity Provider
- Clone SAML Identity Provider Configuration
- Add an Identity Federation Owner
- Delete an Identity Federation Owner
- Configure Palo Alto Networks as a Service Provider
- Delete an Identity Federation
- Map a Tenant for Authorization
- Update Tenant Mapping for Authorization
- PAN Resource Name Mapping Properties
Who Can Use Common Services: Identity & Access?
Common Services
: Identity & Access? Learn who can use
Common Services
: Identity
& Access Management.The following topics address who can use
Common Services
: Identity & Access Management. Cloud-managed Prisma Access
First Time Activation | Transitioned to Prisma SASE | Managed Security Service Provider (MSSP) |
|---|---|---|
If you are a new Cloud-managed Prisma Access customer
as of August 2022, use Identity &
Access to manage user access, roles, and service accounts. | If you are an existing Cloud-managed Prisma
Access customer, you have received information about
the transition of your Prisma Access tenant to the Prisma SASE
Platform. After your Prisma Access instance is transitioned to a tenant,
you will no longer see a Prisma Access app tile on the hub. However,
there will be a button on the hub to navigate to sase.paloaltonetworks.com. After
the transition, use Identity &
Access to manage user access, roles, and service accounts.
Your existing users and roles will be migrated with the appropriate
roles. Until the transition, continue to manage your deployment
as you have been doing. | If you are a Managed Security Service Provider (MSSP)
or distributed enterprise Prisma Access customer as of July 2022,
you are already using Identity &
Access to manage user access, roles, and service accounts. |
Panorama-managed Prisma Access
If you are an existing Panorama-managed Prisma Access customer, you have received information about the transition
of your Prisma Access license activation to
Common Services
. After the
transition, you can only use Common Services
for license activation. You
cannot use the other Common Services
such as Tenant Management or Identity
& Access for managing Prisma Access or Panorama. Continue to manage your tenants
and user role permissions on Panorama as you have been doing. However, you can use
Common Services
: Identity and Access for managing other apps such as ADEM
and Insights.Prisma SD-WAN
First Time Activation | Transitioned to Prisma SASE | Managed Security Service Provider (MSSP) |
|---|---|---|
If you are a new Prisma SD-WAN customer
as of July 2022, you are automatically directed to Identity & Access to
manage user access, roles, and service accounts. | If you are an existing Prisma SD-WAN customer
who has received information about
the transition of your tenant to the Prisma SASE
Platform. After your instance is transitioned to a tenant, you will
no longer see an app tile on the hub. However, there will be a button on
the hub to navigate to sase.paloaltonetworks.com. After the transition,
use Identity &
Access to manage user access, roles, and service accounts.
Your existing users and roles will be migrated with the appropriate
roles. Until the transition, continue to manage your deployment
as you have been doing. | If you are a Managed Security Service Provider (MSSP)
or distributed enterprise Prisma SD-WAN customer as of July 2022,
you are already using Identity &
Access to manage user access, roles, and service accounts. |
CASB
If you are a
new CASB customer as of November 2022, or an existing customer with
SaaS Security API who wants to upgrade to CASB, use Identity & Access to
manage user access, roles, and service accounts.
Enterprise License Agreement Add-on
If you are an ELA customer using the AIOps for
NGFW add-on, which is compatible with tenants and tenant service groups (TSGs)
as of February 2023, use Identity & Access to
manage user access, roles, and service accounts.
If you are an ELA customer using the IoT Security
add-on, which is compatible with tenants and tenant service groups (TSGs) as of
March 2023, use Identity & Access to
manage user access, roles, and service accounts.
AIOps for NGFW a la Carte
If you are using the AIOps for NGFW a la carte license, which is compatible with
tenants and tenant service groups (TSGs) as of February 2023, use Identity & Access to
manage user access, roles, and service accounts.
SaaS Security Posture Management
If you are using the standalone SaaS Security Posture
Management license, which is compatible with tenants and tenant service
groups (TSGs) as of February 2023, use Identity &
Access to manage user access, roles, and service accounts.to
activate licenses.