Live Community - Revoke XML API key for a specific user who is configured on radius server. - Live Community

rirani · ‎12-15-2016

Hi,

I would like to revoke a xml api key for a specific user who is configured on radius server .

Changing the password on the radius server doesnt revoke the old api key of the user.

Firewall is still athenticating the user using old api key.

Is there anyway of revoking api key of a specific user on palo alto firewall ?

Note : this specific user is an admin user with the help of api he is able to authenticate and get access of the firewall.

cpainchaud · ‎12-19-2016

API keys are encrypted version of login+password , so they cannot be revoked , you need to change the password.

I could be wrong but after cache dies ( a few minutes/hours ) then the api key should not work anymore

rirani · ‎12-20-2016

We changed the password on the Radius server but still the firewall authenticates the admin user with the old key. Changed password on the Radius server also didnt help in our situation.

cpainchaud · ‎12-23-2016

this is really weird , I would open a TAC case

Revoke XML API key for a specific user who is configured on radius server.

Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Enterprise

Prisma

Cortex

Revoke XML API key for a specific user who is configured on radius server.

Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Re: Revoke XML API key for a specific user who is configured on radius server.

Show your appreciation!