Add Prisma SaaS Administrators
Create additional administrator accounts with specific privileges on Prisma SaaS.
Initially, to create new administrator accounts on Prisma SaaS, log in as the administrator with the
Super Adminrole, which is the role assigned to the user specified in the order fulfillment email. With the Super Admin role, you can create additional administrator accounts, assign administrator roles, and create teams.
As an admin of a team, you can create other admin accounts with access to the SaaS applications assigned to your team but only a Super Admin role can create other Super Admin accounts. You do not need to create administrator accounts for end users who use the application to create or share content within each SaaS application.
With Prisma SaaS, if you add an administrator with an email that already exists in Customer Support Portal, their Prisma SaaS account will be linked to their CSP account. If you add an administrator with an email that does not exist in CSP, then an account will be created for them on Prisma SaaS, as well as an account in CSP tied to your organization.
- SelectandSettingsAdmin AccountsAdd Administrator.
- Enter theNameand
- Choose anAuthentication Type:
- Single Sign-On (SSO)—SAML SSO authentication enables you to grant admin access with seamless authentication using a single set of credentials. This option eliminates the need for application or service specific passwords. Configure SAML Single Sign-On (SSO) Authentication to activate this option. If you enable SSO, you do not have to create administrator accounts on the local database.
- Local Authentication— You can select Configure Google Multi-Factor Authentication (MFA) to grant admin access only after successfully presenting a pass code pair or QR barcode as evidence (additional factor) to authenticate to Prisma SaaS.Local authentication is not supported for Prisma SaaS activated on the hub.
- Select the administrativeRole:
- Super Admin—A read-write administrator account that allows full functionality within Prisma SaaS, including global account settings, creating administrator accounts, and assigning administrator roles.
- Admin—A read-write administrator account that allows full functionality within Prisma SaaS, including the ability to automatically or manually remediate risks and create additional administrator accounts.
- Incident Management Admin—An administrator account that allows granular access to investigate and remediate incidents only.
- Limited Admin—An administrator account that allows the administrator to assess incidents and remediate risks. This administrator cannot access Prisma SaaS settings or modify policy rules.
- Read Only—An administrator account that allows the administrator to view information collected by Prisma SaaS and generate reports but does not allow the administrator to make changes. For example, this administrator can access incidents, but cannot remediate risks.
- Custom Role—An administrator account with custom permissions to allow specific management tasks that meet your organizational needs.
- Select theTeamto assign the administrator to.If you have not created any custom teams, assign the administrator to the predefinedAll Appsteam.
- Select the defaultLanguagefor the new administrator.
- Saveyour changes.To verify the role associated with administrator, search using the email address. You can also download a CSV file to view the complete list of all administrative users configured on Prisma SaaS.
Manage Prisma SaaS Administrators
Add Prisma SaaS administrators, manage authentication, create admin teams, and view activity on the Prisma SaaS dashboard. ...
Create Prisma SaaS Teams (Beta)
Use Prisma SaaS teams to group cloud applications and restrict access to the assets, incidents, and reports for the cloud app. ...
Configure SAML Single Sign-On (SSO) Authentication
Set up SAML single sign-on authentication to use existing enterprise credentials to access Prisma SaaS. ...
Select an Authentication Method
Configure Google MFA or SAML SSO authentication to access Prisma SaaS. ...
Begin Scanning a Google Drive App
Add your Google Drive App to Prisma SaaS to begin scanning and monitoring assets for possible security risks. ...
Reset Administrator Authentication
Reset Google MFA for an administrator account on Prisma SaaS. ...
Access Prisma SaaS
Log in to Prisma SaaS and restrict the IP addresses administrators can log in from. ...
Reset Administrator Password
Learn how to reset the password for an administrator on Prisma SaaS. ...