Retrieve a Token

The API client can a retrieve a token for Prisma SaaS using
POST
request to the
/oauth/token
endpoint. To request a token, Prisma SaaS submits the request with the OAuth2 client credentials.

Request Headers

Name
Description
Authorization
Basic auth header containing the Client ID and Client Secret delimited with a colon (:) Base 64 encoded. Example:
Base64(acme:acmesecret)

Request Parameters

Parameter
Description
grant_type
OAuth2 grant type. Only client credentials are supported.
scope
Scopes the app is requesting

Example Request

POST /oauth/token HTTP/1.1 Authorization: Basic YWNtZTphY21lc2VjcmV0 Accept: application/json Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1 Host: api.aperture.paloaltonetworks.com grant_type=client_credentials&scope=api_access

Example Response

HTTP/1.1 200 OK { "access_token" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJhcGlfYWNjZXNzIl0sImV4cCI6MTQ5MTUy MzA4OCwianRpIjoiZDY2YWJmYWQtOGMzYy00MGQxLThjMWYtOTFjYzBlMTkzMWYxIiwidGVuYW50IjoidGVzdC B0ZW5hbnQiLCJjbGllbnRfaWQiOiJhY21lIn0.vxao73NJcehYkngrI9WvHIxugbhDzOEWDBbR4TS99Eg", "token_type" : "bearer", "expires_in" : 7199, "scope" : "api_access", "tenant" : "test tenant", "jti" : "d66abfad-8c3c-40d1-8c1f-91cc0e1931f1" }

Response Fields

The following table displays the response fields used when you attempt to get a token.
Path
Type
Description
access_token
String
Access token for requests
token_type
String
Type of token
expires_in
Number
Number of seconds until the token expires. No value means it does not expire.
scope
String
Scopes granted
jti
String
Token ID
tenant
String
Tenant name

Related Documentation