: Make Your First API Call
Focus
Focus

Make Your First API Call

Table of Contents
End-of-Life (EoL)

Make Your First API Call

Get Your API Key to make your first call to the PAN-OS XML API. Make sure to URL encode the request parameters in the HTTP request.
The API Docs use a number of general conventions and should not be copy and pasted verbatim. Adjust the call to your specific firewall before making the request.
VariableReplace With
<firewall>The IP address of the firewall or Panorama appliance you intend to target with your request.
apikeyThe unique API key you generate.
All the query strings in requests must be a URL-Encoded parameter string. If you use a space in the URL-Encoded request, you must include either a plus sign or %20 to replace the space.
If you have trouble replicating any of the API requests in our documentation as a first step, Use the API Browser to build your requests.
  1. Make a cURL call to get system information, which returns the IP address, hostname, and model of your firewall. Be sure to include the API key:
    curl -k -X POST 'https://<firewall>//api/?type=op&cmd=<show><system><info></info></system></show>&key=<apikey>'
    When you make your API calls, as an alternative to providing the URL encoded API key in the request URL, you can use the custom X-PAN-KEY: <key> parameter to add the key as a name value pair in the HTTP header. For example, curl -H -X POST "X-PAN-KEY: LU234T02234565s2Z1FtZWFyWXJOSTdk1234565234565==" -k 'https://firewall_IP/api/?type=op&cmd=<show><system><info></info></system></show>'
  2. Confirm that the response to the above request looks similar to this:
    <response status="success"> <result> <system> <hostname>PA-3050-A</hostname> <ip-address>10.2.3.4</ip-address> <public-ip-address>unknown</public-ip-address> <netmask>255.255.252.0</netmask> <default-gateway>10.2.3.1</default-gateway> <is-dhcp>no</is-dhcp> <ipv6-address>unknown</ipv6-address> <ipv6-link-local-address>c123::21b:ffff:feff:c1234/64</ipv6-link-local-address> <ipv6-default-gateway/> <mac-address>00:00:00:ff:c7:00</mac-address> <time>Tue Jan 8 16:22:56 2019</time> <uptime>0 days, 18:28:38</uptime> <devicename>PA-3050-A</devicename> <family>3000</family> <model>PA-3050</model> <serial>001701000529</serial> <cloud-mode>non-cloud</cloud-mode> <sw-version>9.0.0-b36</sw-version> <global-protect-client-package-version>0.0.0</global-protect-client-package-version> <app-version>8111-5239</app-version> <app-release-date>2019/01/07 15:51:30 PST</app-release-date> <av-version>3328-3783</av-version> <av-release-date>2019/01/07 11:22:02 PST</av-release-date> <threat-version>8111-5239</threat-version> <threat-release-date>2019/01/07 15:51:30 PST</threat-release-date> <wf-private-version>0</wf-private-version> <wf-private-release-date>unknown</wf-private-release-date> <url-db>paloaltonetworks</url-db> <wildfire-version>0</wildfire-version> <wildfire-release-date/> <url-filtering-version>20190109.20005</url-filtering-version> <global-protect-datafile-version>unknown</global-protect-datafile-version> <global-protect-datafile-release-date>unknown</global-protect-datafile-release-date> <global-protect-clientless-vpn-version>0</global-protect-clientless-vpn-version> <global-protect-clientless-vpn-release-date/> <logdb-version>9.0.10</logdb-version> <platform-family>3000</platform-family> <vpn-disable-mode>off</vpn-disable-mode> <multi-vsys>on</multi-vsys> <operational-mode>normal</operational-mode> </system> </result> </response>