To configure the BlueApp for Palo Alto Networks Prisma Access in USM Anywhere, you need to have authentication credentials for Prisma Access with the appropriate permissions.

Set up the Prisma Access API

Follow the instructions listed in the Prisma Access documentation. Here are the instructions on how to generate the client ID and client secret for USM Appliance.

To generate the required credentials

1. Log into Palo Alto Prisma Access as an Admin user.

2. Navigate to Settings > Identity & Access.

3. Select Add Identity, then Service Account.

4. Configure a user with one of the following roles:

   1. Superuser

   2. Web Security Admin

   3. Security Administrator

Configure the BlueApp for Palo Alto Networks Prisma Access in USM Anywhere

To enable the BlueApp for Palo Alto Networks Prisma Access

1. In USM Anywhere, go to Data Sources > BlueApps.
2. Click the Available Apps tab.
3. Search for the BlueApp, and then click the tile.
4. Click Configure API.

5. If you have more than one deployed USM Anywhere Sensor, select the sensor that you want to use for the enabled BlueApp.

   BlueApps operate through a deployed sensor and use APIs to integrate with the connected third-party technology. Select the sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this sensor, so it is important to make sure the sensor has network access to the BlueApp API endpoints.

6. Enter the authentication credentials, including client ID and client secret.

7. Click Save.