Add an Azure Active Directory Account on Prisma Cloud

Add your Azure Active Directory account on Prisma Cloud to retrieve information on your users.
Connecting Prisma™ Cloud to monitor your Azure Active Directory enables you to retrieve information on your users who access resources deployed within your Azure subscription.
  1. Authorize an Azure Active Directory application to read user profile information.
    1. Log in to the Azure portal.
    2. Select Azure Active Directory, then App Registrations.
    3. Select the application from the list, then select API Permissions and Add a Permission.
    4. Select Microsoft Graph, then Application Permissions.
      This lets the application call the Microsoft Graph APIs.
    5. Select the permission, and Add Permission.
      The permission you added allows the app to read user profiles without a signed-in user.
      This permission requires admin consent. An Azure AD tenant administrator must grant it by making a call to the admin consent endpoint.
  2. Collect the details for the Active Directory app.
    1. Log in to the Azure portal.
    2. Get the Directory (tenant) ID.
    3. Get the Application (client) ID and the Object ID.
      You must enter the Object ID as the Enterprise Application Object ID in Step 3-d.
    4. Get the Application Key.
  3. Add your Azure Active Directory on Prisma Cloud.
    1. Access Prisma Cloud and select Cloud Accounts, then Add New.
    2. Enter a Cloud Account Name.
    3. Select Onboard using Azure Active Directory.
    4. Select Cloud Type Azure and the environment where your AD resources are deployed, then click
    5. Enter your Azure Directory (Tenant) ID, Application (Client) ID, Application Client Secret, and Enterprise Application Object ID.
    6. Select the Account Groups you want to add and click
      You must assign each cloud account to an account group. To generate alerts when a policy violation occurs, create an alert rule for run-time checks and associate the account group with it.
    7. Verify the
      to save your changes.
      If Prisma Cloud is able to validate the credentials by making an authentication call using the credentials provided in the previous step, it displays a green check mark.
  4. Verify that you can view the information on your Azure Active Directory users on Prisma Cloud.
    1. Log in to Prisma Cloud.
    2. Select
      and enter the following RQL query to view details on your Azure Active Directory users.
      config where cloud.type = 'azure' AND = 'azure-active-directory-user' AND json.rule = userType equals "Guest"
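The following Python script is an added example for this page; it is not code from the page or from Prisma Cloud. It reproduces the check Prisma Cloud performs in step 3-7 (an app-only authentication call with the tenant ID, client ID and client secret collected in step 2) and adds the two things an administrator usually wants to confirm before onboarding: that admin consent for the Microsoft Graph application permission from step 1 was actually granted (it shows up in the token's roles claim; without it Graph returns 403), and that the app can list guest users, which is what the RQL query in step 4 reports on. Assumptions: the permission the page leaves unnamed is User.Read.All, the app uses the v2.0 client-credentials flow against Microsoft Graph, and the tenant, client and secret values are placeholders. The token and user list marked as constructed are built locally so the parsing checks run offline.

```python
"""Pre-onboarding check for the Azure AD app registration used by Prisma Cloud (added example)."""
import base64
import json
import urllib.parse
import urllib.request

GRAPH_SCOPE = "https://graph.microsoft.com/.default"
# Assumption: the Graph application permission granted in step 1 (the page does not name it).
REQUIRED_ROLE = "User.Read.All"


def token_endpoint(tenant_id: str) -> str:
    """v2.0 token endpoint for the tenant whose Directory (tenant) ID was collected in step 2."""
    return f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"


def build_token_request(tenant_id: str, client_id: str, client_secret: str):
    """Client-credentials request: app-only, no signed-in user, as in Prisma Cloud's validation call."""
    form = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": GRAPH_SCOPE,
        "grant_type": "client_credentials",
    })
    return token_endpoint(tenant_id), form.encode("ascii")


def graph_users_url(user_type: str = "Guest") -> str:
    """Graph query equivalent to the step 4 RQL filter on userType."""
    query = urllib.parse.urlencode({
        "$filter": f"userType eq '{user_type}'",
        "$select": "id,displayName,userPrincipalName,userType",
    })
    return "https://graph.microsoft.com/v1.0/users?" + query


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_claims(access_token: str) -> dict:
    """Decode the JWT payload. No signature check: we only inspect what was issued to us."""
    return json.loads(_b64url_decode(access_token.split(".")[1]))


def has_app_role(access_token: str, role: str = REQUIRED_ROLE) -> bool:
    """Application permissions that received admin consent appear in the 'roles' claim."""
    return role in token_claims(access_token).get("roles", [])


def guest_upns(users_response: dict) -> list:
    """User principal names of guest accounts from a Graph /users response."""
    return sorted(u["userPrincipalName"] for u in users_response.get("value", [])
                  if u.get("userType") == "Guest")


def fetch_json(url: str, data: bytes = None, bearer: str = None) -> dict:
    """Minimal HTTPS helper; only used in the live run at the bottom."""
    headers = {"Accept": "application/json"}
    if bearer:
        headers["Authorization"] = f"Bearer {bearer}"
    with urllib.request.urlopen(urllib.request.Request(url, data=data, headers=headers), timeout=30) as resp:
        return json.load(resp)


# --- constructed sample data so the parsing checks can be exercised offline ---
def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def constructed_token(claims: dict) -> str:
    """Unsigned JWT built locally for demonstration; Azure AD never issues tokens like this."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}."


SAMPLE_TOKEN = constructed_token({"aud": "https://graph.microsoft.com", "roles": [REQUIRED_ROLE]})
SAMPLE_USERS = {"value": [  # constructed Graph response
    {"displayName": "Alice Example", "userPrincipalName": "alice@contoso.example", "userType": "Member"},
    {"displayName": "Bob Partner", "userPrincipalName": "bob_partner.example#EXT#@contoso.example", "userType": "Guest"},
]}

if __name__ == "__main__":
    # Replace the placeholders with the values collected in step 2 to run against a real tenant.
    tenant, client, secret = "<tenant-id>", "<client-id>", "<client-secret>"
    url, body = build_token_request(tenant, client, secret)
    token = fetch_json(url, data=body)["access_token"]
    print("admin consent granted:", has_app_role(token))
    print("guest users:", guest_upns(fetch_json(graph_users_url(), bearer=token)))
```

If has_app_role prints False, the permission was added to the registration but never consented to by a tenant administrator, which is the most common reason the green check mark in step 3-7 does not appear even though the client secret is correct.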
