Get Your API Key
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Upgrade a Firewall to the Latest PAN-OS Version (API)
- Show and Manage GlobalProtect Users (API)
- Query a Firewall from Panorama (API)
- Upgrade PAN-OS on Multiple HA Firewalls through Panorama (API)
- Automatically Check for and Install Content Updates (API)
- Enforce Policy using External Dynamic Lists and AutoFocus Artifacts (API)
- Configure SAML 2.0 Authentication (API)
- Quarantine Compromised Devices (API)
- Manage Certificates (API)
-
- Asynchronous and Synchronous Requests to the PAN-OS XML API
- Run Operational Mode Commands (API)
- Apply User-ID Mapping and Populate Dynamic Groups (API)
- Get Version Info (API)
-
- PAN-OS REST API
- Access the PAN-OS REST API
- Resource Methods and Query Parameters (REST API)
- PAN-OS REST API Request and Response Structure
- PAN-OS REST API Error Codes
- Work With Objects (REST API)
- Create a Security Policy Rule (REST API)
- Work with Policy Rules on Panorama (REST API)
- Create a Tag (REST API)
- Configure a Security Zone (REST API)
- Configure an SD-WAN Interface (REST API)
- Create an SD-WAN Policy Pre Rule (REST API)
- Configure an Ethernet Interface (REST API)
- Update a Virtual Router (REST API)
- Work With Decryption (APIs)
End-of-Life (EoL)
Get Your API Key
To use the API, you must generate the API
key required for authenticating API calls.
Then, when you
use this API key in your request, you can either provide the URL
encoded API key in the request URL, or use the custom X-PAN-KEY:
<key> parameter to add the key as a name-value pair in the HTTP
header.
If you have an existing key and generate another
key for the same user, all existing sessions will end for the user
and previous API sessions will be deleted. If the cookie for the
request doesn’t exist but you make subsequent requests, configuration
logs will show the user as unknown.
- To generate an API key, make a GET or POST request
to the firewall’s hostname or IP addresses using the administrative
credentials and type=keygen:
orcurl -k -X GET 'https://<firewall>/api/?type=keygen&user=<username>&password=<password>'curl -k -X POST 'https://<firewall>/api/?type=keygen&user=<username>&password=<password>'A successful API call returns status="success" along with the API key within the key element:<response status="success"> <result> <key>gJlQWE56987nBxIqyfa62sZeRtYuIo2BgzEA9UOnlZBhU==</key> </result> </response>- (Optional) Revoke API keys.
You can revoke all currently valid API keys, in the event one or more keys are compromised. To change an API key associated with an administrator account change the password associated with the administrator account. API keys that were generated before you expired all keys, or a key that was created using the previous credentials will no longer be valid.If you use Panorama to manage your firewalls, Panorama and all of the firewalls that it manages must have the same master key. - (Optional) Revoke API keys.