Authenticate Access

To authenticate your calls to the WildFire API, you must Get Your API Key. Access to the WildFire API key is available if at least one Palo Alto Networks firewall has an active WildFire subscription registered to an account holder in your organization. You can share the same API key within your organization. Your WildFire public cloud API key is assigned when you purchase your first firewall WildFire subscription and expires when the subscription expires. If you have multiple firewalls with WildFire subscriptions, the API key is tied to the subscription that expires last. Extend the life of your WildFire public cloud API key by extending your WildFire subscription. You cannot delete an WildFire public cloud API key; it only expires. If you need a WildFire public cloud API key removed for security reasons, you must open a support case. The API key for the WildFire public cloud is displayed in the My Account section of the WildFire portal along with statistics, such as how many uploads and queries have been performed using the key. You can view and Manage WildFire Appliance API Keys through the WildFire CLI. The API key should be considered secret and should not be shared outside of authorized channels.
Unlike other WildFire API resources, the /test/pe resource, which allows you to Get a Malware Test File (WildFire API), does not require an API key for authentication and does not need an HTTPS connection.
The API methods are hosted on the WildFire cloud or WildFire appliance and the HTTPS protocol is required to protect your API key and any other data exchanged with the service.

Related Documentation