Cloud Identity Engine Activation
Table of Contents
Cloud Identity Engine Activation
Learn about Cloud Identity Engine (CIE) activation.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Welcome to Common Services
Cloud Identity Engine (CIE) activation. Use one of the following options:
First time Cloud Identity Engine Activation - One Customer Support Portal Account
Learn how to activate your Cloud Identity Engine(CIE) application for the first time if
you have only one Customer Support Portal account.
If you have only one Customer Support Portal account, follow these steps for first
time Cloud Identity Engine (CIE) activation.
- From the hub, select Activate.Because you have only one Customer Support Portal account associated with your username, the Customer Support Account is prepopulated.Allocate the product to the Recipient of your choice.
- The name provided matches your Customer Support Portal account for convenience. You can use the name provided or change it.Select a Region where you want to deploy your product.Agree to the terms and conditions, and Activate.A single default tenant is autocreated behind the scenes, and the product is activated in the tenant.This tenant, and any others created by this Customer Support Portal account, will have the Superuser role.
![]()
(Optional) Manage your product from Strata Cloud Manager.(Optional) Manage identity and access.First time Cloud Identity Engine Activation - Multiple Customer Support Portal Account
Learn how to activate your Cloud Identity Engine(CIE) application for the first time if you have multiple Customer Support Portal accounts.If you have multiple Customer Support Portal accounts, follow these steps for first time Cloud Identity Engine (CIE) activation.- From the hub, select Activate.If you have multiple Customer Support Portal accounts, choose the Customer Support Account number that you want to use.
![]()
Allocate the product to the Recipient of your choice.You can allocate your entire license to one recipient or you can share it with multiple recipients in a tenant hierarchy. What is a tenant?- If you need just one tenant, use or rename the tenant provided. The name provided matches your Customer Support Portal account for convenience.
![]()
(Optional) This step applies if you are a managed security service provider (MSSP), a distributed enterprise customer, or need multiple tenants. After you create the first tenant, you can Allocate to subtenant and use or rename the tenant provided.![]()
A subscription gets allocated on a tenant or a sub-tenant. This step is for choosing a tenant where you want to allocate a license, not for building a complete tenant hierarchy. You can create only a tenant and subtenant here, and you can choose to allocate a license to that subtenant.After activation, you can build out your tenant hierarchy as needed through tenant management. You can create your tenant hierarchy to reflect your existing organizational structure. You can also consider identity and access inheritance when creating the hierarchy, in addition to tenant hierarchy limits.After you create a tenant hierarchy, you can share a license.Select Done.Select a Region where you want to deploy your product.Agree to the terms and conditions, and Activate.This tenant, and any others created by this Customer Support Portal account, will have the Superuser role.(Optional) Manage your product from Strata Cloud Manager.(Optional) Manage identity and access.Return Visit Cloud Identity Engine Activation
Learn how to activate your Cloud Identity Engine for repeat visits.Follow these steps if you have already completed first time activation, you have already created your tenant hierarchy through or tenant management, and you are returning to activate another product in your existing hierarchy.- From the hub, select Activate.Choose the Customer Support Account number that you want to use to activate.
![]()
Allocate the subscription to the Recipient tenant of your choice.You can hover over each tenant to see which apps you already activated.![]()
Select a Region where you want to deploy your product.Agree to the terms and conditions, and Activate.(Optional) Manage your product from Strata Cloud Manager.(Optional) Manage identity and access.Share Cloud Identity Engine
Learn how to share Cloud Identity Engine (CIE) on tenants through Common Services.After you activate Cloud Identity Engine on a tenant and add child tenants, you can share (CIE) with the child tenants in your hierarchy.Regardless if you activate a new CIE instance on an existing tenant with existing Prisma Access or you activate a new CIE instance on a new tenant, you can share CIE under the following circumstances:- Share CIE from a parent tenant during a new Prisma Access
activation
![]()
- Share CIE from a parent tenant during the Prisma Access edit operation
- Share CIE to a child tenant that is not already running CIE
- Share CIE to a child tenant that is in the same region as the parent
If you don't have access to a parent tenant, the sharing option is not displayed. The parent can control which child can have access to see CIE sharing through Identity & Access Management Roles.- Use one of the various ways to access Tenant Management.Search or scroll to find the parent tenant where CIE is activated, and select Actions > Manage Sharing.
![]()
Select which tenants to share CIE:![]()
Save.
