Revoke XML API key for a specific user who is configured on radius server.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Revoke XML API key for a specific user who is configured on radius server.

L0 Member

Hi,

 

I would like to revoke a xml api key for a specific user who is configured on radius server .

 

Changing the password on the radius server doesnt revoke the old api key of the user.

 

Firewall is still  athenticating the user using old api key.

 

Is there anyway of revoking api key of a specific user on palo alto firewall ?

 

Note : this specific user is an admin user with the help of api he is able to authenticate and get access of the firewall.

 

 

 

 

 

 

 

 

 

 

 

3 REPLIES 3

L4 Transporter

API keys are encrypted version of login+password , so they cannot be revoked , you need to change the password.

 

I could be wrong but after cache dies ( a few minutes/hours ) then the api key should not work anymore

We changed the password on the Radius server but still the firewall authenticates the admin user with the old key. Changed password on the Radius server also didnt help in our situation.

this is really weird , I would open a TAC case

  • 3430 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!