Prisma Access Agent Administration
  • Prisma Access Agent Administration
  • Prisma Access Agent Documentation
  • All Documentation
>
Set Up Prisma Access Agent User Authentication (Prisma Access Deployment)
Focus
Download PDF
Focus
  1. Home
  2. Prisma Access Agent
  3. Configure the Prisma Access Agent
  4. Set Up the Prisma Access Agent
  5. Set Up Prisma Access Agent User Authentication
  6. Set Up Prisma Access Agent User Authentication (Prisma Access Deployment)
Download PDF
Prisma Access Agent

Set Up Prisma Access Agent User Authentication (Prisma Access Deployment)

Table of Contents
Learn how to set up the user authentication for Prisma Access Agent users in Prisma Access deployments.
For Prisma Access deployments, you can use Strata Cloud Manager or Panorama to set up user authentication so that only legitimate Prisma Access Agent users have access to your services and applications.
Before you begin, Set Up Cloud Identity Engine for Prisma Access Agent User Authentication and set up an authentication profile.
On Prisma Access Agent and GlobalProtect™ coexistence tenants, the Prisma Access Agent supports only SAML authentication with Cloud Identity Engine, while GlobalProtect supports authentication types such as SAML, RADIUS, LDAP, TACACS+, and Kerberos.
You can set up user authentication depending on the management platform that you're using.
Use Strata Cloud Manager to set up the authentication for Prisma Access Agent users in Prisma Access deployments.
You can use Strata Cloud Manager to set up user authentication so that only legitimate Prisma Access Agent users have access to your services and applications.
  1. In Strata Cloud Manager, select WorkflowsPrisma Access SetupAccess AgentPrisma Access Agent.
  2. If this is your first time setting up the Prisma Access Agent, click Set Up User Authentication.
    Otherwise, select an authentication method to update it or Add User Authentication.
  3. Select the endpoint operating system to Authenticate Users From. Selecting Match Any will authenticate users from all supported operating systems. The default is Match Any.
  4. Save your user authentication settings.
Use Panorama to set up the authentication for Prisma Access Agent users in Prisma Access deployments.
For Panorama managed Prisma Access deployments, you can set up user authentication so that only legitimate Prisma Access Agent users have access to your services and applications.
  1. From the Cloud Services plugin in Panorama, select PanoramaCloud ServicesPrisma Access AgentConfigure Prisma Access Agent.
  2. Select WorkflowsPrisma Access AgentSetup.
  3. Select Prisma Access Agent.
  4. If this is your first time setting up the Prisma Access Agent, click Add Authentication Profile.
    Otherwise, select an Authentication Method to update it.
  5. Select an Authentication Profile or Create New. This authentication profile maps to the Cloud Identity Engine authentication profile that validates the login credentials of end users who access applications and resources using the Prisma Access Agent.
    If you are creating a new profile:
    1. Click Create New.
    2. Enter a Profile Name and select an available Cloud Identity Engine Profile.
    3. Save your new profile. The profile is added to the list of authentication profiles.
    4. Select the profile you created if you want to use it to authenticate your users.
  6. Save your user authentication settings.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.