Hi Everyone, We have a new instance of Prisma SaaS. It is not yet configured for all users and/or SaaS applications. It is however connected to the Palo Alto Hub...so the few users we have access Prisma SaaS via their Palo Alto Support credentials. Once we hook up our SaaS applications, we would like to add users from various departments (e.g. Legal)...but it doesn't make sense for them to have Palo Alto Support accounts. We read through the Prisma SaaS Administration Guide and there appears to be a way to set up SSO using our authentication provider. However, when we try to upload our certificate we always get a "Certificate Loading Error" message showing up. I briefly spoke with a Palo representative and they mentioned that since our Prisma SaaS instance is connected to the Palo Hub, we can't set up SSO using our authentication provider. Is there any way to remove Prisma SaaS from the Hub so we can use our auth provider? The documentation makes no mention of not being able to use our SSO after we connected it to the Hub. We tried many various certificate export types (DER encoded & Base-64 encoded .cer files), but they both produce the "Certificate Loading Error".
... View more