Strata Copilot
    Common Services: Identity and Access
    : Sailpoint
    Focus
    Download PDF
    Focus
    1. Home
    2. Common Services
    3. Common Services: Identity and Access
    4. Manage Third-Party Identity Provider Integrations Through Common Services
    5. SCIM
    6. Sailpoint
    Download PDF

    Common Services: Identity and Access

    Sailpoint

    Table of Contents

    Sailpoint

    Contains instructions to setup sailpoint SCIM.
    1. Set up Strata Cloud Manager to use a SCIM to manage identity access.
      1. Create a TSG (Tenant Service Group).
      2. Create a Service Account with a Superuser role inside the TSG you created.
        Record the client credentials for later use.
      3. Click Change Authorization Source.
      4. Enable SCIM and then Save to apply your changes.
        After the SCIM integration is enabled for Strata Cloud Manager, all access management changes will only be allowed through the SCIM provider.
    2. Set up the SCIM to manage access for Strata Cloud Manager.
      For the most up-to-date instructions on managing a SCIM Connector, see the SailPoint documentation.
      1. Import the XML file containing the Strata Cloud Manager SCIM Connector configuration into Sailpoint (this XML file will be provided by your account representative).
        After importing the XML, the application will display under the Application Definition.
      2. Select the application and enter the OAuth2 client credentials from the service account you created in Strata Cloud Manager.
      3. Set up Aggregation Tasks in SailPoint for Accounts and Groups for the SCIM Connector.
        This ensures that all relevant identity data from Strata Cloud Manager is efficiently integrated into SailPoint, enabling better identity governance, streamlined access management, and enhanced security.

    © 2026 Palo Alto Networks, Inc. All rights reserved.