Is Palo Alto's API able to accept GET requests from the PowerShell "invoke-restmethod" cmdlet which have the api key set as a variable? I ask this because I would like to run these requests without embedding my API key in the HTTPS GET request. This does not seem secure to me. Rather, I would like to store the API key elsewhere and have PowerShell call that file to insert the key in to the string, or elsewhere in the request, like in the Authorization header. I've been toying around with this to no avail. I'm wondering if the API can handle this type of request? Has anyone come up against this and prevailed?
Solved! Go to Solution.
I haven't used it yet, but came across a pan-python module on the api-lab site that uses a .panrc file on the local host to reference a Palo Alto firewall IP and the associated API key. That file is referenced during api calls to pass in the key without specifying it on the command line.
Obviously not Powershell, but may be adaptable.
I finally figured it out...simple (usually is).
Set a variable in your script that looks for your apikey elsewhere, like:
$apikey = Get-Content "<path_to_file>"
Then, simply make your "key" a variable in the HTTPS request. For example:
However, I'm now having other problems with the x-path...back to the drawing board.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!