: Make Your First API Call
Focus
Focus

Make Your First API Call

Table of Contents
End-of-Life (EoL)

Make Your First API Call

Get Your API Key to make your first call to the PAN-OS XML API. Make sure to URL encode the request parameters in the HTTP request.
The API Docs use a number of general conventions and should not be copy and pasted verbatim. Adjust the call to your specific firewall before making the request.
VariableReplace With
<firewall>The IP address of the firewall or Panorama appliance you intend to target with your request.
apikeyThe unique API key you generate.
All the query strings in Get requests must be a URL-Encoded parameter string. If you use a space in the URL-Encoded request, you must include either a plus sign or %20 to replace the space.
If you have trouble replicating any of the API requests in our documentation as a first step, Use the API Browser to build your requests.
  1. Make a cURL call to get system information, which returns the IP address, hostname, and model of your firewall. Be sure to include the API key:
    curl -k 'https://<firewall>//api/?type=op&cmd=<show><system><info></info></system></show>&key=<apikey>'
    When you make your API calls, as an alternative to providing the URL encoded API key in the request URL, you can use the custom X-PAN-KEY: <key> parameter to add the key as a name value pair in the HTTP header. For example, curl -H "X-PAN-KEY: LU234T02234565s2Z1FtZWFyWXJOSTd==" -k 'https://firewall_IP/api/?type=op&cmd=<show><system><info></info></system></show>'
  2. Confirm that the response to the above request looks similar to this:
    <response status="success"> <result> <system> <hostname>PA-3050-A</hostname> <ip-address>10.2.3.4</ip-address> <public-ip-address>unknown</public-ip-address> <netmask>255.255.252.0</netmask> <default-gateway>10.2.3.1</default-gateway> <is-dhcp>no</is-dhcp> <ipv6-address>unknown</ipv6-address> <ipv6-link-local-address>c123::21b:ffff:feff:c1234/64</ipv6-link-local-address> <ipv6-default-gateway/> <mac-address>00:00:00:ff:c7:00</mac-address> <time>Tue Jan 8 16:22:56 2019</time> <uptime>0 days, 18:28:38</uptime> <devicename>PA-3050-A</devicename> <family>3000</family> <model>PA-3050</model> <serial>001701000529</serial> <cloud-mode>non-cloud</cloud-mode> <sw-version>9.0.0-b36</sw-version> <global-protect-client-package-version>0.0.0</global-protect-client-package-version> <app-version>8111-5239</app-version> <app-release-date>2019/01/07 15:51:30 PST</app-release-date> <av-version>3328-3783</av-version> <av-release-date>2019/01/07 11:22:02 PST</av-release-date> <threat-version>8111-5239</threat-version> <threat-release-date>2019/01/07 15:51:30 PST</threat-release-date> <wf-private-version>0</wf-private-version> <wf-private-release-date>unknown</wf-private-release-date> <url-db>paloaltonetworks</url-db> <wildfire-version>0</wildfire-version> <wildfire-release-date/> <url-filtering-version>201901010.00005</url-filtering-version> <global-protect-datafile-version>unknown</global-protect-datafile-version> <global-protect-datafile-release-date>unknown</global-protect-datafile-release-date> <global-protect-clientless-vpn-version>0</global-protect-clientless-vpn-version> <global-protect-clientless-vpn-release-date/> <logdb-version>9.0.10</logdb-version> <platform-family>3000</platform-family> <vpn-disable-mode>off</vpn-disable-mode> <multi-vsys>on</multi-vsys> <operational-mode>normal</operational-mode> </system> </result> </response>