Strata Copilot
    WildFire API Reference
    : WildFire API Token Authentication
    Focus
    Download PDF
    Focus
    1. Home
    2. WildFire
    3. WildFire API Reference
    4. Get Started with the WildFire API
    5. WildFire API Token Authentication
    Download PDF

    WildFire API Reference

    WildFire API Token Authentication

    Table of Contents

    WildFire API Token Authentication

    Authenticate WildFire API requests using Bearer tokens managed through Strata Cloud Manager.
    Where Can I Use This?What Do I Need?
    • Advanced WildFire public cloud
    • Active WildFire or Advanced WildFire subscription (NGFW or Prisma Access)
    • Strata Cloud Manager access
    • At least one configured tenant (TSG-ID)
    • A service account for token binding
    WildFire® API token-based authentication uses Bearer tokens in the HTTP Authorization header to authenticate programmatic requests to the Advanced WildFire cloud. This method replaces legacy API key authentication and provides stronger security through tenant isolation, service account binding, and centralized lifecycle management in Strata Cloud Manager.
    Token-based authentication ties each credential to a specific Tenant Service Group ID (TSG-ID), ensuring that malware analysis data, submissions, and alerts remain isolated to a specific tenant or business unit within your organization. Each token maps one-to-one to a service account, which provides programmatic access without requiring individual user credentials.
    When you make API calls using token-based authentication, you pass the token as a Bearer credential in the Authorization header:
    curl https://wildfire.paloaltonetworks.com/publicapi/submit/file \
  -F file=@sample.exe \
  -H "Authorization: Bearer YOUR_TOKEN"
    Each API token maintains the standard quota limit of 150 file uploads and 1,050 queries per day. The quota resets daily at 00:00 UTC. Token expiration aligns with your WildFire or Advanced WildFire license expiration date.
    The system provisions one API token per tenant for each product type (NGFW or Prisma Access). After you create a token, it briefly displays a Pending status while synchronizing to regional caching layers, then transitions to Valid when ready for use.
    If you currently use legacy API keys, you can migrate them to token-based authentication through the migration workflow in Strata Cloud Manager. After the migration cutoff date, only token-based authentication is supported for WildFire API access.

    © 2026 Palo Alto Networks, Inc. All rights reserved.