To configure the AlienApp for Palo Alto Networks Prisma Access in USM Anywhere, you need to have authentication credentials for Prisma Access with the appropriate permissions.
Set up the Prisma Access API
Follow the instructions listed in the Prisma Access documentation. Here are the instructions on how to generate the client ID and client secret for USM Appliance.
To generate the required credentials
Log into Palo Alto Prisma Access as an Admin user.
Navigate to Settings > Identity & Access.
Select Add Identity, then Service Account.
Configure a user with one of the following roles:
Web Security Admin
Configure the AlienApp for Palo Alto Networks Prisma Access in USM Anywhere
To enable the AlienApp for Palo Alto Networks Prisma Access
- In USM Anywhere, go to Data Sources > AlienApps.
- Click the Available Apps tab.
- Search for the AlienApp, and then click the tile.
- Click Configure API.
If you have more than one deployed USM Anywhere Sensor, select the sensor that you want to use for the enabled AlienApp.
AlienApps operate through a deployed sensor and use APIs to integrate with the connected third-party technology. Select the sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this sensor, so it is important to make sure the sensor has network access to the AlienApp API endpoints.
Enter the authentication credentials, including client ID and client secret.
- Click Save.