How to Use the PAN-OS REST API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member

 

Screen Shot 2022-06-09 at 11.27.31 AM.png

 

 

The PAN-OS REST API allows you to manage Firewalls and Panorama. It is a WEB API that uses HTTP or HTTPs and requests are authenticated via an API key. Request bodies and responses are formatted in JSON. 

 

To use the REST API, enable API access for approved administrators and retrieve your API key

 

Now, to get started, understand that the REST API URL format includes a base path and the URI for the endpoint. 

 

curl -X METHOD "https://<IP address or FQDN>/restapi/<PAN-OS version>/<resource URI>

 

Method

GET - Read lists of resources

POST - Create a resource, rename a resource, and move a policy rule

PUT - Modify a resource

DELETE - Delete a resource

 

Resource URI

The PAN-OS REST API makes it simple and uses Objects, Policies, Network, and Device URI for its requests. Here are some available resource endpoints you can reference in your request:

 

# OBJECTS 
/restapi/9.0/Objects/Addresses
/restapi/9.0/Objects/AddressGroups
/restapi/9.0/Objects/Applications
/restapi/9.0/Objects/Services
/restapi/9.0/Objects/ServiceGroups

# POLICIES
/restapi/9.0/Policies/SecurityRules
/restapi/9.0/Policies/NATRules
/restapi/9.0/Policies/QoSRules
/restapi/9.0/Policies/PolicyBasedForwardingRules
/restapi/9.0/Policies/DecryptionRules

 

Not seeing something you would like to work with? Take a look at all the available URI's.

 

Creating a Security Policy

 

 

 

curl -X POST \

  'https://firewall/restapi/pan-os_version/Policies/SecurityRules?location=vsys&vsys=vsys1&name=rule-example1' \
  -H 'X-PAN-KEY: LUFRPT=' \
  -d '{
    "entry": [
        {
            "@location": "vsys",
            "@name": "test",
            "@vsys": "vsys1",
            "action": "allow",
            "application": {
                "member": [
                    "ssl"
                ]
            },
            "category": {
                "member": [
                    "any"
                ]
            },
            "destination": {
                "member": [
                    "any"
                ]
            },
            "from": {
                "member": [
                    "internal"
                ]
            },
            "hip-profiles": {
                "member": [
                    "any"
                ]
            },
            "service": {
                "member": [
                    "application-default"
                ]
            },
            "source": {
                "member": [
                    "any"
                ]
            },
            "source-user": {
                "member": [
                    "any"
                ]
            },
            "to": {
                "member": [
                    "any"
                ]
            }
        }
    ]
}'

 

 

 

 

Thank you for taking time to read this blog. I hope you found this interesting and helpful. Feel free to share your REST API examples in the comments section below!

 

Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.

 

Until next time,

JayGolf

Register or Sign-in
Labels
Top Liked Authors