>
    Cloud Identity Engine
    Focus
    Download PDF
    Focus
    1. Home
    2. Strata Cloud Manager
    3. Manage: NGFW and Prisma Access
    4. Manage: Identity Services
    5. Manage: Authentication
    6. Manage: Authentication Profiles
    7. Cloud Identity Engine
    Download PDF
    Strata Cloud Manager

    Cloud Identity Engine

    Table of Contents

    Cloud Identity Engine

    Learn to configure Cloud Identity Engine authentication profiles.
    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • NGFW, including those funded by Software NGFW Credits
    Each of these licenses include access to Strata Cloud Manager:
    → The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
    The Cloud Identity Engine (CIE) is used for identifying and authenticating users in firewall web interfaces and mobile users in a Prisma Access Explicit Proxy deployment. In Prisma Access, the Cloud Identity Engine integrates with the Explicit Proxy Authentication Cache Service (ACS) and uses SAML identity providers (IdPs) to provide authentication for Explicit Proxy mobile users.
    To authenticate users using Cloud Identity Engine, you must configure an authentication profile.
    The SAML/CIE authentication method is displayed only if the Cloud Authentication Service (CAS) is enabled. If the CIE authentication or CAS is not supported on your Prisma Access tenant, then it shows only the SAML authentication method.
    Before you begin:
    1. Go to ManageConfigurationIdentity ServicesAuthentication, set the configuration scope to Explicit Proxy and Add Profile under Authentication Profiles.
    2. Select the Authentication Method: Cloud Identity Engine.
    3. Enter a unique Profile Name.
    4. Select the Cloud Identity Engine authentication Profile you configured in the Cloud Identity Engine.
    5. Save your changes.

    © 2025 Palo Alto Networks, Inc. All rights reserved.