Make Your First API Call
Table of Contents
11.0 (EoL)
Expand all | Collapse all
-
- Upgrade a Firewall to the Latest PAN-OS Version (API)
- Show and Manage GlobalProtect Users (API)
- Query a Firewall from Panorama (API)
- Upgrade PAN-OS on Multiple HA Firewalls through Panorama (API)
- Automatically Check for and Install Content Updates (API)
- Enforce Policy using External Dynamic Lists and AutoFocus Artifacts (API)
- Configure SAML 2.0 Authentication (API)
- Quarantine Compromised Devices (API)
- Manage Certificates (API)
-
- Asynchronous and Synchronous Requests to the PAN-OS XML API
- Run Operational Mode Commands (API)
- Apply User-ID Mapping and Populate Dynamic Groups (API)
- Get Version Info (API)
-
- PAN-OS REST API
- Access the PAN-OS REST API
- Resource Methods and Query Parameters (REST API)
- PAN-OS REST API Request and Response Structure
- PAN-OS REST API Error Codes
- Work With Objects (REST API)
- Create a Security Policy Rule (REST API)
- Work with Policy Rules on Panorama (REST API)
- Create a Tag (REST API)
- Configure a Security Zone (REST API)
- Configure an SD-WAN Interface (REST API)
- Create an SD-WAN Policy Pre Rule (REST API)
- Configure an Ethernet Interface (REST API)
- Update a Virtual Router (REST API)
- Work With Decryption (APIs)
End-of-Life (EoL)
Make Your First API Call
Get
Your API Key to make your first call to the PAN-OS XML API.
Make sure to URL encode the request parameters in the HTTP request.
The
API Docs use a number of general conventions and should not be copy
and pasted verbatim. Adjust the call to your specific firewall before
making the request.
| Variable | Replace With |
|---|---|
| <firewall> | The IP address of the firewall or Panorama appliance you intend to target with your request. |
| apikey | The unique API key you generate. |
All the query strings in Get requests must be a
URL-Encoded parameter string. If you use a space in the URL-Encoded
request, you must include either a plus sign or %20 to replace the
space.
If you have trouble replicating any of the API requests
in our documentation as a first step, Use the API Browser to build your
requests.
- Make a cURL call to get system information, which returns the IP address, hostname, and model of your firewall. Be sure to include the API key:curl -X POST 'https://<firewall>/api?type=op&cmd=<show><system><info></info></system></show>'Code copied to clipboardUnable to copy due to lack of browser support.When you make your API calls, as an alternative to providing the URL encoded API key in the request URL, you can use the custom X-PAN-KEY: <key> parameter to add the key as a name value pair in the HTTP header. For example,curl -H "X-PAN-KEY: **********************************************" -k 'https://firewall_IP/api/?type=op&cmd=<show><system><info></info></system></show>'
- Confirm that the response to the above request looks similar to this:<response status="success"> <result> <system> <hostname>PA-3050-A</hostname> <ip-address>10.2.3.4</ip-address> <public-ip-address>unknown</public-ip-address> <netmask>255.255.252.0</netmask> <default-gateway>10.2.3.1</default-gateway> <is-dhcp>no</is-dhcp> <ipv6-address>unknown</ipv6-address> <ipv6-link-local-address>c123::21b:ffff:feff:c1234/64</ipv6-link-local-address> <ipv6-default-gateway/> <mac-address>00:00:00:ff:c7:00</mac-address> <time>Tue Jan 8 16:22:56 2019</time> <uptime>0 days, 18:28:38</uptime> <devicename>PA-3050-A</devicename> <family>3000</family> <model>PA-3050</model> <serial>0017010.2529</serial> <cloud-mode>non-cloud</cloud-mode> <sw-version>9.0.0-b36</sw-version> <global-protect-client-package-version>0.0.0</global-protect-client-package-version> <app-version>8111-5239</app-version> <app-release-date>2019/01/07 15:51:30 PST</app-release-date> <av-version>3328-3783</av-version> <av-release-date>2019/01/07 11:22:02 PST</av-release-date> <threat-version>8111-5239</threat-version> <threat-release-date>2019/01/07 15:51:30 PST</threat-release-date> <wf-private-version>0</wf-private-version> <wf-private-release-date>unknown</wf-private-release-date> <url-db>paloaltonetworks</url-db> <wildfire-version>0</wildfire-version> <wildfire-release-date/> <url-filtering-version>2019010.2.00005</url-filtering-version> <global-protect-datafile-version>unknown</global-protect-datafile-version> <global-protect-datafile-release-date>unknown</global-protect-datafile-release-date> <global-protect-clientless-vpn-version>0</global-protect-clientless-vpn-version> <global-protect-clientless-vpn-release-date/> <logdb-version>9.0.10</logdb-version> <platform-family>3000</platform-family> <vpn-disable-mode>off</vpn-disable-mode> <multi-vsys>on</multi-vsys> <operational-mode>normal</operational-mode> </system> </result> </response>