Authenticate Access
Authenticate your requests to the Advanced WildFire API using token-based or API key credentials.
To authenticate your queries to the Advanced WildFire API, you must obtain a credential that validates your identity and authorizes programmatic requests. The WildFire API supports two authentication methods:
- Token-based authentication (recommended)—You pass a Bearer token in the HTTP Authorization header. Tokens are managed through Strata Cloud Manager, tied to specific Tenant Service Group IDs (TSG-IDs), and bound to service accounts. This method provides tenant isolation, centralized lifecycle management, and aligns with the Palo Alto Networks platform identity model. Token-based authentication is supported for the following products:
- NGFW (hardware and VM-Series with WildFire subscription)
- Prisma Access
- API key authentication (legacy)—You pass a static API key as a form field (apikey) in the request body. Keys are retrieved from the WildFire portal or the Palo Alto Networks Customer Support Portal and are tied to your CSP-ID. This method is supported during a transitional period but will be deprecated. API key authentication is supported for the following products:
The API methods are hosted on the WildFire cloud or WildFire appliance, and HTTPS is required to protect your credentials and any data exchanged with the service.
Unlike other WildFire API resources, the
/test/pe resource, which allows you to
get a malware test file, does not require authentication and does not need an HTTPS connection.
