>
    Set up Cortex XDR for Integration
    Focus
    Download PDF
    Focus
    1. Home
    2. IoT Security
    3. Endpoint Protection
    4. Integrate IoT Security with Cortex XDR
    5. Set up Cortex XDR for Integration
    Download PDF
    IoT Security

    Set up Cortex XDR for Integration

    Table of Contents

    Set up Cortex XDR for Integration

    Set up Cortex XDR for integration with IoT Security through Cortex XSOAR.
    Where Can I Use This?What Do I Need?
    • IoT Security (Managed by Strata Cloud Manager)
    • IoT Security (Standalone portal)
    One of the following subscriptions:
    • IoT Security subscription for an advanced IoT Security product (Enterprise Plus, Industrial OT, or Medical)
    • Device Security X subscription
    One of the following Cortex XSOAR setups:
    • An IoT Security Third-party Integration Add-on license that includes a cohosted, limited-featured Cortex XSOAR instance
    • A full-featured Cortex XSOAR server
    When integrating IoT Security with Cortex XDR, you need to generate a Cortex XDR API key and key ID. Use the key and key ID in addition to the Cortex XDR URL to allow IoT Security to retrieve device information from Cortex XDR.
    1. Generate an API key.
      Generate a Cortex XDR API key the same way for both a direct API integration and a third-party Cortex XSOAR integration. Depending on the method you use to integrate IoT Security with Cortex XDR, only the security level of the API key you generate differs.
      For more details about creating an API key in Cortex XDR, see Get Started with Cortex XDR APIs.
      1. Log in to Cortex XDR and select SettingsConfigurationsIntegrationsAPI Keys.
      2. Select + New Key, enter the following settings, and then Generate:
        APISecurity Level: Standard
        XSOARSecurity Level: Advanced
        Roles: Viewer
        Views: Endpoint Administration
    2. Copy the API key and note its key ID.
      1. Copy the API key into a secure location and then click Done.
      2. In the API Keys table, find the number in the ID column for the key you generated, and copy the ID number into a secure location.
    3. Copy the URL of the XDR server.
      1. Return to SettingsConfigurationsIntegrationsAPI Keys in Cortex XDR, right-click your API key, and then View Examples.
      2. Copy the CURL Example URL to a secure location.
        This contains your unique FQDN: https://api-<fqdn>
    4. Continue to Set up IoT Security for Cortex XDR API Integration or Set up IoT Security and XSOAR for Cortex XDR Integration to configure IoT Security to integrate with Cortex XDR.

    © 2025 Palo Alto Networks, Inc. All rights reserved.