Strata Cloud Manager

1. Set up authentication for your Device Security users.

   • Palo Alto Networks SSO Add User Access Through Common Services
   • Third-party IdP SSO Manage Third-Party Identity Provider Integrations Through Common Services
     If you activated Device Security before June 2025 and use a third-party IdP SSO, you need to reconfigure your third-party IdP through Common Services to access Device Security in Strata Cloud Manager.
2. Assign a Predefined Role to a Tenant User or Service Account Through Common Services

   Strata Cloud Manager uses Common Services to manage user roles. From the enterprise roles available in Common Services, Device Security supports the Superuser role and the View Only Administrator role.

   For customers transitioning from the Device Security portal to Device Security in Strata Cloud Manager, the Device Security user roles map to the following Strata Cloud Manager roles:

   • Owner -> Superuser
   • Administrator -> Superuser
   • Read-only -> View-only Administrator
3. Periodically review all users and roles with access to Device Security and remove user access through Common Services as needed.