What enterprise applications does Portnox Cloud install and use in Azure?

If you integrate Portnox Cloud with Microsoft Azure (Entra ID) as an authentication repository, or with Microsoft Intune for risk profiling and endpoint management, you will notice that Portnox Cloud installs specific enterprise applications in your Azure instance as part of the integration process. This topic contains information about the purpose of each of these applications.

Enterprise application Purpose
Portnox CLEAR Native App Used for verifying user credentials during RADIUS 802.1X authentication and AgentP enrollment. Required for Cloud to be able to use Azure (Entra ID) as the authentication repository.
Portnox CLEAR Web App Used for reading data from the tenant during integration provisioning, AD synchronization, and more. Required for Cloud to be able to use Azure (Entra ID) as the authentication repository.
Portnox CLEAR Intune Used for exchanging risk assessment and endpoint management information between Cloud and Intune. Required for integration with Microsoft Intune.
Portnox CLEAR SCEP Validation Used for issuing SCEP certificates from Intune to endpoints. Required if you want to request SCEP certificates from Intune.
Portnox CLEAR AgentP Enrollment Used for enrolling AgentP via Azure in multi-user mode. Required for AgentP if it’s running in multi-user mode with Azure (Entra ID) authentication.
Portnox CLEAR WebSSO Used for authenticating in the Portnox Cloud portal and the self-onboarding portal with Azure (Entra ID) single sign-on.
Portnox CLEAR Azure AD Integration Used to create the Native App, the Web App, and the Intune enterprise applications. You can delete it after completing automatic integration with Azure and/or Intune.
Portnox Conditional Access EAM Used to enable the Portnox Conditional Access service with Entra ID.
Portnox Conditional Access EAM Used to enable the Portnox Conditional Access service with Entra ID EAM.
Portnox Conditional Access for Applications Perpetual Policy Enforcement Used by the Portnox Conditional Access service to revoke application access to devices that are blocked, agentless, or have reached the Block level in a risk policy.