Prisma Access APIs
Table of Contents
Prisma Access APIs
Find the APIs to use with Prisma Access.
In addition to the XML APIs that are available for configuration
and management in Panorama, there are
XML APIs for the Cloud Services plugin that you can use to perform
tasks specific to Prisma Access. Use these APIs through a third-party
service, application, or script to automate configuration and reporting
tasks for Prisma Access.
Access the API Using the Browser and Web Interface
To access the API using the browser, log in to the Panorama
that manages Prisma Access with administrator privileges, then enter /api at
the end of the URL. The URL changes to the XML API browser interface.
The Prisma Access APIs are located in the following XML Path
Language (XPath) nodes in the XML tree:
- Configuration Commands:
- Operational Commands:
As you navigate in the XML tree, Prisma Access populates the
tree in the XML area. You can enter required
values in the XML area and click Submit to
process an XML request. For example, to request the onboarding status
of a job, navigate to , enter the Job id in
the jobid field, enter the Service Type servicetype area,
and click Submit to submit your request.
This XML only retrieves the onboarding status of a job.
To retrieve the status of all commit operations, use the Prisma
Access UI.
Prisma Access returns the output in XML format.
You can also use the web interface to find
APIs in Panorama.
Use curl Commands to Retrieve API Commands
If you prefer to use CLI to retrieve API command results,
you can use APIs in conjunction with the the API you
use to retrieve public and infrastructure IP addresses for Prisma
Access. To do so, use the following command:
Configuration Commands:
curl -k -X GET "https://<panorama-ip-address>/api/?key=<api-key>&type=config&cmd=<api-parameters></api-parameters>
Operational Commands:
curl -k -X GET "https://<panorama-ip-address>/api/?key=<api-key>&type=op&cmd=<api-parameters></api-parameters>
Where:
- <panorama-ip-address> is the IP address of the Panorama that manages Prisma Access.
- <api-key> is the API key for Prisma Access ().
- <api-parameters> and </api-parameters> are the API parameters you use to retrieve the requested information from the API.
If you have a multi-tenant deployment, you add the name of the
tenant for which you want to retrieve API information into the API.
For example, given a Prisma Access deployment that has the following
parameters:
- Panorama IP Address: 1.2.3.4
- API key: 12345abcde
- Tenant name: tenant-1
If you wanted to retrieve the number of active mobile users for
that tenant, you would enter the following curl command:
curl -k -X GET "https://1.2.3.4/api/?key=12345abcde&type=op&cmd=<request><plugins><cloud_services><prisma-access><multi-tenant><tenant-name><entry%20name='tenant-1'></entry></tenant-name><remote-active-users-count/></multi-tenant></prisma-access></cloud_services></plugins></request>"
Use CLI Commands with Panorama Managed Prisma Access
Prisma Access allows you to use CLI commands to retrieve
Prisma Access data. To access the CLI, establish
a SSH connection using the IP address of the Panorama that manages
Prisma Access.
The CLI uses the same modes and has the same
behavior as PAN-OS commands, with the exception of entering the
tenant name for multi-tenant deployments; you enter the tenant name
using the tenant-name tenant-name command.
For example, given a tenant name of tenant-1, enter the following
command to retrieve to retrieve the active user count in a multi-tenant
deployment:
admin-Panorama> request plugins cloud_services prisma-access multi-tenant remote-active-users-count tenant-name tenant-1
pass
Current User Count: 253