Focus

Add a New User on Prisma SD-WAN

Table of Contents

Filter

Expand All | Collapse All

Prisma SD-WAN Docs

Administration
Deployment
Incidents & Alerts
CloudBlades
Version
- AWS Transit Gateway
- Azure vWAN
- Azure vWAN with vION
- ChatBot for MS Teams
- ChatBot for Slack
- CloudBlades Integration with Prisma Access
- GCP NCC
- Service Now
- Zoom QSS
- Zscaler Internet Access
Reference
Release Notes
Version
- ION 5.2
- ION 5.3
- ION 5.4
- ION 5.5
- ION 5.6
- ION 6.0
- ION 6.1
- ION 6.2
- ION 6.3
- ION 6.4
- New Features Guide
- On-Premises Controller
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
- Prisma SD-WAN CloudBlades

System Roles

Custom Roles

Add a New User on Prisma SD-WAN

Let us learn more about adding a new user on Prisma SD-WAN.

Where Can I Use This?	What Do I Need?
Prisma SD-WAN	Active Prisma SD-WAN license

Add a new user with system role as per the requirements of your enterprise. An IAM administrator assigns roles to users responsible for administering the network in your enterprise.

Use the following links to add users based on your web interface.

Migrated to .
Using the

Migrated to Strata Cloud Manager

If your Prisma SD-WAN tenant has migrated to Strata Cloud Manager (SCM), your users are now a part of the Tenant Service group (TSG). As part of the migration, you now manage, add, and edit users through the Strata Cloud Manager Identity and Access settings.

However, you will continue to see the migrated users in Strata Cloud Manager under ManagePrisma SD-WANSystemAccess ManagementTenant AccessAuth Token Session Lock.

You cannot add or edit users here, you can only modify the IP session lock for users for API access.
Using the stand-alone Prisma SD-WAN web interface (Non-TSG Tenants)
1. Select ManageSystemAccess ManagementUser AccessUser ManagementAdd User.
2. For Create New User, enter the First Name and optionally the Last Name of the user.
3. Toggle Access to allow the user to access the Prisma SD-WAN web interface.
  
  By default, access is disabled.
4. Add the Email/Login ID.
5. Enter a New Password and confirm the password for the user.
6. Choose a Role for the user.
  
  Assign one or more roles to the user. Select from the available system or custom roles. Or create custom roles.
7. Select the IP Session Lock.
  
  IP Session Lock checks the client source IP address from where a login request originates. By default it is enabled.
  If IP session lock is enabled, the auth tokens generated from this user is locked to the user's IP address.
  If auth tokens are generated and IP session lock for a user is left as Default or Enabled, the auth token is usable only from the source IP address from which it was generated.
  If auth tokens from this user is only used on machines that they are generated on, and the source IP address used to connect to the API remains the same, then you can choose the Enabled or Default.
  If the auth tokens are intended to be used on different systems and/or systems that may connect to the API from different IP Addresses, choose Disabled.
8. (Optional) Enter the IP/Prefix Access List.
  
  IP/Prefix Access List enables the login for the entered IP addresses. Add multiple IP addresses by selecting Add Another IP to the list.
  
  (Optional) Add Mobile Phone and Secondary Email to the user profile.
9. Save to add the user details.

System Roles

Custom Roles

Prisma SD-WAN Docs

Add a New User on Prisma SD-WAN

Prisma SD-WAN Docs

Add a New User on Prisma SD-WAN

Activation & Onboarding

SASE

Visibility & Monitoring

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

Prisma SD-WAN Integration

Prisma SD-WAN Experts Corner

Best Practices