Which role does Prisma Cloud play when configuring SSO?
Prisma Cloud acts as the Service Provider (SP) when configuring Single Sign-On (SSO). In an SSO setup, the Service Provider relies on the Identity Provider (IdP) to authenticate users. When users attempt to log in to Prisma Cloud, they are redirected to the IdP (for example, OneLogin, OKTA, or Azure) for authentication. After successful authentication, the IdP sends a SAML assertion to Prisma Cloud, allowing access to the service. Therefore, the correct role played by Prisma Cloud in this scenario is that of the Service Provider.
Prisma Cloud is the Service Provider.
Palo Alto Tech Docs: To secure administrator access to Prisma Cloud, set up OneLogin as an IdP and then configure Prisma Cloud as SP for SSO. SP is Service Provider. So B is correct.
B Prisma Cloud --> SP; OKTA, Azure, etc. --> IdP
A Just-in-time provisioning is done by Prisma. The service provider in SSO is the IdP (OKTA etc.), SAML is the protocol name, and the identity provider issuer is a kind of authentication value sent by the IdP.
D https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/setup-sso-integration-on-prisma-cloud/setup-sso-integration-on-prisma-cloud-for-okta