Where Can I Use This?

What Do I Need?

VM-Series deployment

VM-Series 10.x or above Panorama running PAN-OS 10.1.x or above versions Customer Support Portal (CSP) account with one of the following user roles: Super User, Standard User, Limited User, Threat Researcher, AutoFocus Trial Role, Group Super User, Group Standard User, Group Limited User, Group Threat Researcher, Authorized Support Center (ASC) User, and ASC Full Service User. Superuser access to the VM-Series firewall

Use the Software NGFW licensing API to create and manage credit pools auth codes, retrieve the credit pool attached to an auth code, all model-based licenses on a VM-Series firewall. In addition, the licensing API enables you to license firewalls that do not have direct internet access and cannot reach the Palo Alto Networks license server. You can manage licenses manually or automate licensing with a custom script or an orchestration service.

To use the API, each support account is assigned a unique client ID and client secret. You will use the client ID and client secret associated with your customer support account to generate an access token. Each API call must include the access token to authenticate the request to the licensing server. When authenticated, the licensing server sends the response in json format (content-type application/json). Contact your Palo Alto Networks sales representative to get your client ID and client secret.

curl --location --request GET 'https://api.paloaltonetworks.com/tms/v1/firewallserialnumbers?auth_code=<authcode>'\
--header 'token: <your-token>' \

{
    "vm_series": [
        "00799##########"
    ],
    "cn_panorama": [],
    "panorama": [],
    "cn_firewall": []
}

curl --location --request DELETE 'https://api.paloaltonetworks.com/tms/v1/firewall/deactivate?auth_code=<authcode>&serial_numbers=<serialnumber>,<serialnumber>'\
--header 'token: <your-token>' \

{
    "success": ["00799##########","00799##########" ],
    "failed": [],
    "auth_code": "D#######",
    "failure_reason": []
}