Authentication Errors
Table of Contents
Expand all | Collapse all
-
-
- What’s Data Security?
- Navigate To Data Security in Cloud Management Console
- Activate Data Security on the Hub
- Access Data Security for Standalone SaaS Security
-
- Allowed List of IP Addresses
-
- Begin Scanning an Amazon Web Services App
- Begin Scanning a Bitbucket Cloud App
- Begin Scanning a Box App
- Begin Scanning a Cisco Webex Teams App
- Begin Scanning a Citrix ShareFile App
- Begin Scanning a Confluence App
- Begin Scanning a Confluence Data Center App
- Begin Scanning a Dropbox App
- Begin Scanning a GitHub App
- Begin Scanning a GitHub V2 App
- Begin Scanning a Gmail App
- Begin Scanning a Google Cloud Storage App
- Begin Scanning a Google Drive App
- Begin Scanning a Jira Cloud App
- Begin Scanning a Jira Data Center App
- Begin Scanning a Microsoft Azure Storage App
- Begin Scanning a Microsoft Exchange App
- Begin Scanning Microsoft Office 365 Apps
- Begin Scanning a Microsoft Teams App
- Begin Scanning a Salesforce App
- Begin Scanning a ServiceNow App
- Begin Scanning a Slack for Enterprise Grid App
- Begin Scanning a Slack Enterprise App
- Begin Scanning a Slack for Pro and Business App
- Begin Scanning a Workday App (Beta)
- Begin Scanning a Yammer App
- Begin Scanning a Zendesk App
- Begin Scanning a Zoom App
- Reauthenticate to a Cloud App
- Verify Permissions on Cloud Apps
- Start Scanning a Cloud App
- Rescan a Managed Cloud App
- Delete Cloud Apps Managed by Data Security
- API Throttling
- Configure Classification Labels
- Microsoft Labeling for Office 365
-
-
-
- SaaS Security with Enterprise DLP
- Predefined Data Patterns on Data Security
- Proximity Keywords
- Confidence Levels
- Shared Data Profiles and Data Patterns
- Modify a Predefined Data Pattern
- Create a Custom Data Profile
- Add a File Property Data Pattern
- Create a Custom Data Pattern
- Use Exact Data Matching (EDM)
- Enable or Disable a Machine Learning Data Pattern
- Configure WildFire Analysis
- Configure Regular Expressions
- Enable or Disable a Data Pattern
- View and Filter Data Pattern Match Results
-
-
-
- What is an Incident?
- Assess New Incidents on Data Security
- View Asset Details
- Filter Incidents
- Security Controls Incident Details
- Track Down Threats with WildFire Report
- Track Down Threats with AutoFocus
- Customize the Incident Categories
- Close Incidents
- Download Assets for Incidents
- View Asset Snippets for Incidents
- Analyze Inherited Exposure
- Email Asset Owners
- Modify Incident Status
-
- What is a Data Violation?
- Assess New Data Violations on Data Security
- Configure Data Violation Alerts on Data Security
- Filter Data Violations on Data Security
- View Asset Snippets for Data Violations on Data Security
- View Data Violation Metrics on Data Security
- Modify Data Violation Status on Data Security
-
-
-
-
- What’s SaaS Security Inline?
- Navigate To SaaS Security Inline
- SaaS Visibility for NGFW
- SaaS Visibility and Controls for NGFW
- SaaS Visibility for Prisma Access
- SaaS Visibility and Controls for Panorama Managed Prisma Access
- SaaS Visibility and Controls for Cloud Managed Prisma Access
- Activate SaaS Security Inline for NGFW
- Activate SaaS Security Inline for VM-Series Firewalls with Software NGFW Credits
- Activate SaaS Security Inline for Prisma Access
- Connect SaaS Security Inline and Strata Logging Service
- Integrate with Azure Active Directory
-
-
- SaaS Policy Rule Recommendations
- App-ID Cloud Engine
- Guidelines for SaaS Policy Rule Recommendations
- Predefined SaaS Policy Rule Recommendations
- Apply Predefined SaaS Policy Rule Recommendations
- Create SaaS Policy Rule Recommendations
- Delete SaaS Policy Rule Recommendations
- Enable SaaS Policy Rule Recommendations
- Modify Active SaaS Policy Rule Recommendations
- Monitor SaaS Policy Rule Recommendations
-
- Enable Automatic Updates for SaaS Policy Rule Recommendations on Cloud Managed Prisma Access
- Import New SaaS Policy Rule Recommendations on Cloud Managed Prisma Access
- Update Imported SaaS Policy Rule Recommendations on Cloud Managed Prisma Access
- Remove Deleted SaaS Policy Rule Recommendations on Cloud Managed Prisma Access
- Manage Enforcement of Rule Recommendations on NGFW
- Manage Enforcement of Rule Recommendations on Panorama Managed Prisma Access
- Change Risk Score for Discovered SaaS Apps
-
-
-
-
- Onboarding Overview for Supported SaaS Apps
- Onboard an Aha.io App to SSPM
- Onboard an Alteryx Designer Cloud App to SSPM
- Onboard an Aptible App to SSPM
- Onboard an ArcGIS App to SSPM
- Onboard an Articulate Global App to SSPM
- Onboard an Atlassian App to SSPM
- Onboard a BambooHR App to SSPM
- Onboard a Basecamp App to SSPM
- Onboard a Bitbucket App to SSPM
- Onboard a BlueJeans App to SSPM
- Onboard a Box App to SSPM
- Onboard a Bright Security App to SSPM
- Onboard a Celonis App to SSPM
- Onboard a Cisco Meraki App to SSPM
- Onboard a ClickUp App to SSPM
- Onboard a Confluence App to SSPM
- Onboard a Contentful App to SSPM
- Onboard a Convo App to SSPM
- Onboard a Couchbase App to SSPM
- Onboard a Coveo App to SSPM
- Onboard a Crowdin Enterprise App to SSPM
- Onboard a Customer.io App to SSPM
- Onboard a Databricks App to SSPM
- Onboard a Datadog App to SSPM
- Onboard a DocHub App to SSPM
- Onboard a DocuSign App to SSPM
- Onboard a Dropbox Business App to SSPM
- Onboard an Envoy App to SSPM
- Onboard an Expiration Reminder App to SSPM
- Onboard a Gainsight PX App to SSPM
- Onboard a GitHub Enterprise App to SSPM
- Onboard a GitLab App to SSPM
- Onboard a Google Analytics App to SSPM
- Onboard a Google Workspace App to SSPM
- Onboard a GoTo Meeting App to SSPM
- Onboard a Grammarly App to SSPM
- Onboard a Harness App to SSPM
- Onboard a Hellonext App to SSPM
- Onboard an IDrive App to SSPM
- Onboard an Intercom App to SSPM
- Onboard a Jira App to SSPM
- Onboard a Kanbanize App to SSPM
- Onboard a Kanban Tool App to SSPM
- Onboard a Kustomer App to SSPM
- Onboard a Lokalise App to SSPM
- Onboard a Microsoft Azure AD App to SSPM
- Onboard a Microsoft Exchange App to SSPM
- Onboard a Microsoft OneDrive App to SSPM
- Onboard a Microsoft Outlook App to SSPM
- Onboard a Microsoft Power BI App to SSPM
- Onboard a Microsoft SharePoint App to SSPM
- Onboard a Microsoft Teams App to SSPM
- Onboard a Miro App to SSPM
- Onboard a monday.com App to SSPM
- Onboard a MongoDB Atlas App to SSPM
- Onboard a MuleSoft App to SSPM
- Onboard a Mural App to SSPM
- Onboard an Office 365 App to SSPM
- Onboard Office 365 Productivity Apps to SSPM
- Onboard an Okta App to SSPM
- Onboard a PagerDuty App to SSPM
- Onboard a RingCentral App to SSPM
- Onboard a Salesforce App to SSPM
- Onboard an SAP Ariba App to SSPM
- Onboard a ServiceNow App to SSPM
- Onboard a Slack Enterprise App to SSPM
- Onboard a Snowflake App to SSPM
- Onboard a SparkPost App to SSPM
- Onboard a Tableau Cloud App to SSPM
- Onboard a Webex App to SSPM
- Onboard a Workday App to SSPM
- Onboard a Wrike App to SSPM
- Onboard a YouTrack App to SSPM
- Onboard a Zendesk App to SSPM
- Onboard a Zoom App to SSPM
- Onboarding an App Using Azure AD Credentials
- Onboarding an App Using Okta Credentials
- Delete SaaS Apps Managed by SSPM
Authentication Errors
View examples of authentication errors you may encounter
when retrieving a token for
Data Security
.No Basic Auth Header
Not including
the basic auth header when retrieving a token results in a
401
response.
To try again, see Retrieve a Token.All
requests must use the region-specific
host. The examples below use AMER region.
- Example Request$ curl 'https://api.aperture.paloaltonetworks.com/oauth/token' -i -X POST -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded; charset=ISO- 8859-1' -d 'grant_type=client_credentials&scope=api_access'
- Example Request BodyPOST /oauth/token HTTP/1.1 Accept: application/json Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1 Host: api.aperture.paloaltonetworks.com grant_type=client_credentials&scope=api_access
- Example ResponseHTTP/1.1 401 Unauthorized { "error" : "unauthorized", "resolution" : "Please submit valid credentials.", "error_description" : "Invalid credentials" }
Invalid Credentials
Providing invalid
credentials will result in a
401
response.
To try again, see Retrieve a TokenAll
requests must use the region-specific
host. The examples below use AMER region.
- Example Request$ curl 'https://api.aperture.paloaltonetworks.com/oauth/token' -i -X POST -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded; charset=ISO- 8859-1' -d 'grant_type=client_credentials&scope=api_access'
- Example Request BodyPOST /oauth/token HTTP/1.1 Accept: application/json Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1 Host: api.aperture.paloaltonetworks.com grant_type=client_credentials&scope=api_access
- Example ResponseHTTP/1.1 401 Unauthorized { "error" : "unauthorized", "resolution" : "Please submit valid credentials.", "error_description" : "Invalid credentials" }
Token Expiration
Performing a request
with an expired token results in a
401
response.
To try again, see Retrieve a Token.All
requests must use the region-specific
host. The examples below use AMER region.
- Example Request BodyPOST /oauth/token HTTP/1.1 Accept: application/json Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1 Host: api.aperture.paloaltonetworks.com grant_type=client_credentials&scope=api_access
- Example ResponseHTTP/1.1 401 Unauthorized { "error": "invalid_token", "resolution": "Please retrieve a new token.", "error_description": "Authentication token was invalid." }