Access the Prisma Cloud REST API

Prisma Cloud has a REST API that enable you configure custom integrations for your cloud security needs. You can, for example, use it to automate sending alert notifications to an in-house tool you use or to extend the DevOps security capabilities for a tool that does not have an extension or plugin for Prisma Cloud. Most actions supported on the Prisma Cloud web interface are available with the REST API.
Prisma Cloud requires an API access key to enable programmatic access to the REST API. By default, only the System Admin has API access and can enable API access for other administrators. To generate an access key, see Create and Manage Access Keys. After you obtain an access key, you can submit it in a REST API request to generate a JSON Web Token (JWT). The JWT is then used to authenticate all subsequent REST API requests on Prisma Cloud.
  1. Obtain a JWT to authenticate API requests.
    The following is an example of a
    cURL
    call for a REST API request that returns a JWT. Your Prisma Cloud access key provides the request parameters. Note that an access key is made up of two parts: an Access Key ID and a Secret Key. In the body parameters, specify your Access Key ID as the string value for the
    userName
    and your Secret Key as the string value for the
    password
    .
    curl -X POST \ https://api.prismacloud.io/login \ -H 'Content-Type: application/json' \ -d '{"username":"<Access Key ID>","password":"<Secret Key>"}'
    The following shows the response for a successful request.
    { "token": "<JWT>", "message": "login_successful", "customerNames": [ { "customerName": "Test", "tosAccepted": true } ] }
    The value for
    token
    in the response is the JWT you will use to authorize your subsequent REST API requests.
  2. Authenticate Using the JWT.
    Specify the JWT in an HTTP header parameter for every Prisma Cloud REST API request. The following table shows the details of the header parameter.
    HTTP Header Parameter Key
    Value
    x-redlock-auth
    <your JWT>
  3. Refresh the JWT.
    The JWT is valid for 10 minutes, so you must refresh the token for continued access to the Prisma Cloud API. If you make an API request with an expired JWT request, you will receive an HTTP 401 (Unauthorized) response. The following example is a cURL call that makes an API request to obtain a refreshed JWT.
    curl -X GET \ https://api.prismacloud.io/auth_token/extend \ -H 'Content-Type: application/json' \ -H 'x-redlock-auth:<current JWT>'
    The following is an example of the response to a successful request to refresh a JWT.
    { "token": "<JWT>", "message": "login_successful", "customerNames": [ { "customerName": "Test", "tosAccepted": true } ] }
    The value for
    token
    in the response is the new JWT you must specify in the HTTP header parameter of subsequent REST API requests.

Recommended For You