Generate Client Credentials
Self-service client credentials enable Cortex® Xpanse™ Expander administrators to generate and revoke API credentials.
Cortex® Xpanse™ is moving away from refresh tokens for API access credentials and implementing the OAuth2.0 standard client credentials grant type. Self-service client credentials are currently supported for the Cortex Xpanse SDK and custom integrations. You are not required to use client credentials at this time, but it is recommended. Support for client credentials for Cortex Xpanse-built integrations will be added in a future release. We will notify you when your Cortex Xpanse integration is ready for use with client credentials.
Self-service client credentials enable Cortex® Xpanse™ Expander administrators to generate and revoke API credentials within the Expander UI. These credentials can be used for any API-related application, including the following:
- Use of the Xpanse SDK
- Use of custom integrations or scripts
- Use of Xpanse integrations (Client credential support to be added in an upcoming release.)
- Individual client credentials permission— Allows you to create and revoke your own Cortex Xpanse client credentials.
- Administrator client credentials permission— Allows you to create and revoke your own Cortex Xpanse client credentials, and also view and revoke client credentials created by other users from your organization.
Settingstab in Expander and look for the
Client Credentialsoption in the left navigation pane.
- Navigate to theSettingstab, and selectClient Credentialsin the left navigation pane.In the Client Credentials window, you will see the list of credentials that you previously created. If you have administrator-level client credentials permission, you will also see credentials that were generated by other users in your organization
- ClickGenerate Credentials.Note that each user is limited to 10 client credentials at any one time.TheClient Credentials/Add Newwindow opens.
- Enter aClient Name.Client names must be all lowercase. Your client name will be automatically prefixed with “xpanse_expander_”.
- Enter aDescriptionthat will provide additional context for yourself and other administrators in your organization regarding the purpose of this credential.
- ClickGenerate credentials.The Client Identifier and Client Secret will be displayed.
- Copy and securely store both the Client Identifier and Client Secret.You will not be given another opportunity to retrieve the Client Secret, and Cortex Xpanse has no access to the Client Secret. Be sure to follow your organizational policies with respect to the storage and use of your new credentials.If you misplace or lose your Client Secret, a new client credential must be generated. Cortex Xpanse has no way to retrieve your Client Secret.
You can now use your Cortex Xpanse client credential. For information about using your credentials with an Xpanse-supported integration, see the corresponding integration guide on the Palo Alto Networks Technology Partner portal.. For more information about using your credentials with the Xpanse SDK or a custom integration, see the Cortex Xpanse developer documentation.
Recommended For You
Recommended videos not found.