This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

BPry
Cyber Elite
Cyber Elite

‎12-05-2022 09:03 AM

@ThomasEikeland,

The problem that you'll run into isn't that it isn't possible, but that the passwords are hashed in the configuration and stored as a phash value. That being said, as long as you know what to set the phash value to, modifying it and uploading the configuration and committing it via the API isn't a problem at all.

The thing that you'll have to be mindful of is that your API account that you're using is something you wouldn't want to upgrade the password to. This will invalidate your keys, and you'd have to go back through and re-generate them with the new password. This is something you can easily work around and even automate updating through something like Vault, but it's good to be mindful of the consequences of rotating those credentials. 

 

View solution in original post

(1)
Who rated this post
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks