1. Home
    2. PAN-OS
    3. PAN-OS® and Panorama™API Guide
    4. Get Started with the PAN-OS XML API
    5. Get Your API Key
    End-of-Life (EoL)

    Get Your API Key

    To use the API, generate the API key required for authenticating API calls. Request parameters should be URL encoded when used in HTTP requests.
    1. To generate an API key, make a GET or POST request to the firewall’s hostname or IP addresses using the administrative credentials and
      type=keygen
      :
      curl -k -X GET 'https://
      <firewall>
      /api/?type=keygen&user=
      <username>
      &password=
      <password>
      '
      or
      curl -k -X POST 'https://
      <firewall>
      /api/?type=keygen&user=
      <username>
      &password=
      <password>
      '
      A successful API call returns
      status="success"
       along with the API key within the
      key
       element:
      <response status="success"> 
<result> 
<key>gJlQWE56987nBxIqyfa62sZeRtYuIo2BgzEA9UOnlZBhU</key> 
</result> 
</response>
    2. (
      Optional
      ) Revoke an API key.
      You can choose to revoke and then change an API key associated with an administrator account by changing the password associated with the administratoraccount. Any API keys that were generated using the previous credentials would no longer be valid.
      If you want the firewall to generate a unique API key, change the master key on your firewall in order to generate a unique API key. If you have not changed the firewall master key from the default, all firewalls with the same username/password will return the same API key. Keep in mind, however, if you use Panorama to manage your firewalls, Panorama and all of the firewalls that it manages must have the same master key.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo