Activate the Cloud Identity Engine

1. Log in to the hub.
   If you don’t see the Cloud Identity Engine, verify that you are using the tenant view then click Explore Apps from Palo Alto Networks.
2. Activate the Cloud Identity Engine.
   If the Activate button is not available, ensure your role has the necessary privileges. For more information about Cloud Identity Engine roles, refer to Manage Cloud Identity Engine App Roles.

   The Cloud Identity Engine supports alphanumeric characters, underscores (_), hyphens (-), and periods (.) for the tenant name.

3. Select the information for your Cloud Identity Engine tenant.
   1. Select the Customer Support Account for the tenant.

   2. Select the Region where the tenant is located.
      If you want to configure an on-premises Active Directory for the Cloud Identity Engine, the region you select must match the region info you enter for the Cloud Identity Engine in the Cloud Identity Configuration when you Configure the Cloud Identity Agent.

   3. After you Agree to the Terms and Conditions, click Activate Now to activate your Cloud Identity Engine tenant.

4. Open the Cloud Identity Engine app to begin configuring your Cloud Identity Engine app.
   Depending on whether you want to use the Cloud Identity Engine for user identification, user authentication, or both, complete the following initial configuration tasks to begin using the Cloud Identity Engine for user visibility and policy enforcement. For more information, refer to Set Up the Cloud Identity Engine.

   • Choose Your Directory Type—Set up a directory to allow the Cloud Identity Engine to collect information for user visibility and policy enforcement.
   • Authenticate Users with the Cloud Identity Engine—Configure an authentication method to support user authentication with the Cloud Identity Engine.