Add User Access Through Common Services
Learn how to add Common Services user access.
Common Services: Access and Identity enables you to add user access to the platform as well as to the tenants you created.
If you are a Prisma SD-WAN customer, you can use IP Session Lock to restrict access by client source IP address and for legacy API auth token purposes, but general user management is done here.
A Palo Alto Networks Customer Support Account is only necessary for users who need to perform onboarding tasks. Other users can be invited to use Palo Alto Networks single sign-on without Customer Support Accounts. Be aware that not all apps are fully migrated to use Identity and Access, so you still might need to use Customer Support Accounts. If you integrate with a third-party IdP for your enterprise, you do not have to add user accounts explicitly in the platform, because they are added automatically when the users successfully authenticate. However, roles still need to be assigned for all users. To ensure a seamless login and authorization experience for your users, you can add users and assign roles for them ahead of time.
After you add a tenant, you can add a service account from Common Services > Identity & Access.
Any user access added to a tenant is also automatically added to all of that tenant's children.
- Use one of the various ways to access Common Services > Identity & Access.
- Select Identity & Access > Access Management.
- Select the tenant where you want to add user access. For example:
  - Select the ParentTenant for a user who needs access to all the tenants in the hierarchy.
  - Select the ChildTenant for a user who only needs access to a single tenant or to a subset of tenants in the hierarchy.
  - See About identity and access for more information.
- Select Add.
- Specify the following values to add user access:
  - Select User as the Identity Type.
  - Enter the email address of the user and select Next.
    Common Services attempts to verify that the email address you entered is registered with Palo Alto Networks.
- If the email address you entered in the previous step is not yet registered with Palo Alto Networks, you are prompted to Send Invite to invite the user to register.
- Select Next and then Assign a Predefined Role to a Tenant User or Service Account.