To use the API, you must generate the API
key required for authenticating API calls.
Then, when you
use this API key in your request, you can either provide the URL
encoded API key in the request URL, or use the custom X-PAN-KEY: <key> parameter
to add the key as a name-value pair in the HTTP header.
To generate an API key, make a GET or POST request
to the firewall’s hostname or IP addresses using the administrative
curl -k -X GET 'https://<firewall>/api/?type=keygen&user=<username>&password=<password>'
curl -k -X POST 'https://<firewall>/api/?type=keygen&user=<username>&password=<password>'
You can revoke all currently valid
API keys, in the event one or more keys are compromised. To change
an API key associated with an administrator account change the password associated
with the administrator account. API keys that were generated
before you expired all keys, or a key that was created using the
previous credentials will no longer be valid.
you use Panorama to manage your firewalls, Panorama and all of the
firewalls that it manages must have the same master key.