Identity
Associate the Cloud Identity Engine with Palo Alto Networks Apps
Table of Contents
Associate the Cloud Identity Engine with Palo Alto Networks Apps
Associate your Cloud Identity Engine tenant with other Palo Alto Networks apps to
allow them to reference your directory data.
| Where Can I Use This? | What Do I Need? |
|---|---|
| The Cloud Identity Engine service is free; however, the enforcement points utilizing directory data may require specific licenses. Click here for more information. |
The following procedures describe the steps for the support account view in
the Hub. If you are using the tenant account view, association is not
necessary for a tenant service group (TSG). For more information, refer
to the Hub Getting Started guide.
By associating your Cloud Identity Engine tenants with other Palo Alto Networks apps,
you can allow these apps and services to access your directory information for
reporting and policy enforcement. You can associate the Cloud Identity Engine tenant
with another app during activation or with an existing app at any time.
To share user attributes with multiple apps, associate the same Cloud Identity
Engine tenant with each app.
Associate the Cloud Identity Engine During Activation
Learn how to associate the Cloud Identity Engine with
other Palo Alto Networks apps during tenant activation.
The following procedures describe the steps for
the support account view in the Hub. If you are using the tenant
account view, association is not necessary for a tenant service
group (TSG). For more information,
refer to the Hub Getting Started guide.
- Using your Auth Code, activate the Palo Alto Networks cloud app you want to associate with the Cloud Identity Engine tenant.
![]()
Enter the information required to activate the application, such as an Instance Name and a Region, which will vary depending on the app.Select the Cloud Identity Engine tenant you want to associate with the app.Only Cloud Identity Engine tenants that are compatible with the Palo Alto Networks cloud application are displayed in the drop-down list. For example, a Cloud Identity Engine tenant assigned to the US region would be compatible with another Palo Alto Networks cloud service app assigned to the US region. If the Cloud Identity Engine field is not available, the Palo Alto Networks cloud services app you selected does not support the Cloud Identity Engine.Agree and Activate the app.Associate the Cloud Identity Engine with an Existing App
Learn how to associate the Cloud Identity Engine with an existing app on the hub.The following procedures describe the steps for the support account view in the Hub. If you are using the tenant account view, association is not necessary for a tenant service group (TSG). For more information, refer to the Hub Getting Started guide.- Log in to the hub, click Settings () then Manage Apps.
![]()
Select the app you want to associate with the Cloud Identity Engine tenant.Select the Cloud Identity Engine tenant you want to associate with the app and click OK.![]()
Only Cloud Identity Engine tenants that are compatible with the Palo Alto Networks cloud application are displayed in the drop-down list. For example, a Cloud Identity Engine tenant assigned to the US region would be compatible with another Palo Alto Networks cloud service app assigned to the US region. If the Cloud Identity Engine field is not available, the Palo Alto Networks cloud services app you selected does not support the Cloud Identity Engine.After you associate the app, the Cloud Identity Engine tenant name displays in the Cloud Identity Engine column in the hub ().
