This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

How to Use the PAN-OS REST API

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to Use the PAN-OS REST API

JayGolf
Community Team Member
‎06-09-2022 12:25 PM

 

Screen Shot 2022-06-09 at 11.27.31 AM.png

 

 

The PAN-OS REST API allows you to manage Firewalls and Panorama. It is a WEB API that uses HTTP or HTTPs and requests are authenticated via an API key. Request bodies and responses are formatted in JSON. 

 

To use the REST API, enable API access for approved administrators and retrieve your API key

 

Now, to get started, understand that the REST API URL format includes a base path and the URI for the endpoint. 

 

curl -X METHOD "https://<IP address or FQDN>/restapi/<PAN-OS version>/<resource URI>

 

Method

GET - Read lists of resources

POST - Create a resource, rename a resource, and move a policy rule

PUT - Modify a resource

DELETE - Delete a resource

 

Resource URI

The PAN-OS REST API makes it simple and uses Objects, Policies, Network, and Device URI for its requests. Here are some available resource endpoints you can reference in your request:

 

# OBJECTS 
/restapi/9.0/Objects/Addresses
/restapi/9.0/Objects/AddressGroups
/restapi/9.0/Objects/Applications
/restapi/9.0/Objects/Services
/restapi/9.0/Objects/ServiceGroups

# POLICIES 
/restapi/9.0/Policies/SecurityRules
/restapi/9.0/Policies/NATRules
/restapi/9.0/Policies/QoSRules
/restapi/9.0/Policies/PolicyBasedForwardingRules
/restapi/9.0/Policies/DecryptionRules

 

Not seeing something you would like to work with? Take a look at all the available URI's.

 

Creating a Security Policy

 

 

 

curl -X POST \

  'https://firewall/restapi/pan-os_version/Policies/SecurityRules?location=vsys&vsys=vsys1&name=rule-example1' \
  -H 'X-PAN-KEY: LUFRPT=' \
  -d '{
    "entry": [
        {
            "@location": "vsys",
            "@name": "test",
            "@vsys": "vsys1",
            "action": "allow",
            "application": {
                "member": [
                    "ssl"
                ]
            },
            "category": {
                "member": [
                    "any"
                ]
            },
            "destination": {
                "member": [
                    "any"
                ]
            },
            "from": {
                "member": [
                    "internal"
                ]
            },
            "hip-profiles": {
                "member": [
                    "any"
                ]
            },
            "service": {
                "member": [
                    "application-default"
                ]
            },
            "source": {
                "member": [
                    "any"
                ]
            },
            "source-user": {
                "member": [
                    "any"
                ]
            },
            "to": {
                "member": [
                    "any"
                ]
            }
        }
    ]
}'

 

 

 

 

 

Additional Resources:

Building Next-Gen Automation

PAN-OS and Panorama API Usage Guide

Palo Alto Networks Github

 

 

Thank you for taking time to read this blog. I hope you found this interesting and helpful. Feel free to share your REST API examples in the comments section below!

 

Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.

 

Until next time,

JayGolf

Labels:
1 Comment
  • 6166 Views
  • 1 comments
  • 5 Likes
Register or Sign-in
Labels
Popular Blogs
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks