Learn more about the new features introduced for the Cloud Identity Engine, including
the view-only administrator role.
The following table provides a snapshot of new features introduced for the Cloud Identity
Engine app in June 2023. Refer to the Cloud Identity Engine documentation for more
information on how to use the Cloud Identity Engine.
You can now configure an administrator role that has
view-only privileges for Cloud Identity Engine data. This
new role allows users to view all data available for the current
tenant in the Cloud Identity Engine, including detailed data for
Active Directory.
Support for the Cloud Identity Engine SCIM Connector in
the Okta Integration Network
The Cloud Identity Engine SCIM Connector is now available as an
application in the Okta Integration Network.
If you're using the SCIM Connector with your Okta
directory, Palo Alto Networks strongly recommends using
the gallery app as an alternative to the custom app.
Risk attribute support in Cloud Dynamic User Groups
Cloud Dynamic User Groups now
support groups based on anomalous user behavior attributes detected by
Microsoft Active Directory Identity
Protection. This allows you to create groups where membership
is based on attributes such as risk level (high, medium, and low) and
the type of risky activity (such as an unusual login location). By
applying the assessments of your user's behavior in your Cloud Dynamic
User Groups, you can strengthen your Security policy by creating groups
that automatically respond to changing user needs and activity.
