A RESTful API for managing PAN-OS next-generation firewalls including security policies, network objects, address groups, and device configuration. The REST API provides simplif...
The comprehensive XML-based API for PAN-OS providing full access to all firewall configuration, operational commands, reporting, logging, and commit operations. Supports request...
Management interface for PAN-OS based on OpenConfig standard data models, providing gNMI and gNOI services through the OpenConfig plugin. Supports network automation for BGP, in...
The Panorama API uses the same PAN-OS XML and REST API interfaces but provides centralized management of multiple firewalls from a single management server. Supports device grou...
A unified cloud-based API for managing Palo Alto Networks next-generation firewalls and SASE from a single management plane. Strata Cloud Manager provides configuration manageme...
REST APIs for managing Palo Alto Networks Cloud NGFW, a cloud-native managed firewall service available on AWS and Azure. The API supports creating and managing firewall resourc...
A cloud-based API for submitting files, URLs, and links for advanced malware analysis in the WildFire sandbox environment. The API returns threat verdicts (benign, malware, gray...
A REST API for querying Palo Alto Networks threat signature metadata, content release notes, and threat intelligence data. The API provides access to antivirus signatures, anti-...
A threat intelligence API that provided contextual information about malware, campaigns, and threat actors observed across the Palo Alto Networks global threat intelligence netw...
A REST API for managing IoT and OT device security including device discovery, profiling, vulnerability assessment, and security policy recommendations. The API provides endpoin...
A REST API for managing enterprise data loss prevention across Palo Alto Networks platforms. The API provides access to DLP incidents, policy violation reports, data pattern mat...
REST APIs for configuring and monitoring Prisma Access, Palo Alto Networks' cloud-delivered SASE platform. The Configuration API manages security policies, remote networks, serv...
A REST API for monitoring digital experience metrics within Prisma Access environments. The Autonomous Digital Experience Management (ADEM) API provides application performance ...
REST APIs for managing Prisma SD-WAN (formerly CloudGenix) branch networking infrastructure. The API supports configuration of sites, WAN interfaces, routing policies, applicati...
The Cloud Security Posture Management API for Prisma Cloud (formerly RedLock) providing programmatic access to cloud security monitoring across AWS, Azure, GCP, and Oracle Cloud...
The Cloud Workload Protection Platform (CWPP) API for Prisma Cloud (formerly Twistlock) providing security for containers, hosts, and serverless functions. The API covers image ...
A REST API for Prisma Cloud Application Security (formerly Bridgecrew) providing infrastructure-as-code scanning, software composition analysis, and supply chain security. The A...
A REST API for the Cortex XDR extended detection and response platform providing programmatic access to incident management, alert handling, endpoint operations, and threat hunt...
APIs and development framework for Cortex XSOAR (formerly Demisto), the security orchestration, automation, and response platform. The REST API provides programmatic access to i...
A REST API for Cortex XSIAM, the AI-driven security operations platform that combines SIEM, XDR, SOAR, and ASM capabilities. The API provides endpoints for incident management, ...
The AI Runtime Security API (API Intercept) for securing generative AI applications, AI models, AI data, and AI agents against prompt injection, data leakage, toxic content, mal...
A REST API (currently in beta) for programmatically querying Palo Alto Networks security advisories published by the Product Security Incident Response Team (PSIRT). The API sup...
A REST API for Cortex Xpanse, the attack surface management platform that discovers, evaluates, and mitigates risks on internet-facing assets. The API provides programmatic acce...
A REST API (currently in beta) for retrieving DNS domain details, categorization information, and contextual network access statistics from the Palo Alto Networks DNS Security s...
A REST API for programmatically reviewing and managing Email DLP incidents detected across enterprise email channels. The API supports retrieving incident details, updating verd...
A REST API for scanning and protecting assets stored in sanctioned SaaS applications. The API provides at-rest detection, inspection, and remediation capabilities for data store...
A REST API for managing SaaS Security Posture Management providing continuous monitoring of misconfigured SaaS application settings. The API supports managing onboarded SaaS app...
REST APIs for managing Zero Trust Network Access connectors within the Prisma Access SASE platform. The API supports creating and managing ZTNA connectors, applications, license...
REST APIs for scaling and automating processes related to the Prisma Access secure enterprise browser. The API supports browser deployment management, policy configuration, and ...
A REST API for creating and managing Tenant Service Groups (TSGs) within the Palo Alto Networks SASE platform. The API supports building tenant hierarchies for multi-tenant depl...
A REST API for managing identity and access on the SASE platform including creating service accounts, managing access policies, and configuring role-based access control for SAS...
A REST API for managing license subscriptions assigned to Tenant Service Groups within the SASE platform. The API supports querying subscription entitlements, managing license a...
A REST API for performing aggregated monitoring queries across SASE tenants. The API supports querying application usage, threat data, URL categorization, and license utilizatio...
A REST API for the AIOps Best Practice Assessment service that programmatically generates firewall configuration assessments against Palo Alto Networks best practice recommendat...
REST APIs for the Strata Logging Service (formerly Cortex Data Lake) providing log forwarding and query capabilities. The Log Forwarding API manages log forwarding profiles for ...
A REST API enabling third-party SD-WAN integration with Prisma Access Remote Networks. The API supports automated tunnel configuration, branch onboarding workflows, and coordina...
A REST API for Data Security Posture Management within Prisma Cloud providing visibility and control over sensitive data stored across multi-cloud environments. The API supports...
REST APIs for managing scalable, multi-tenant, agentless security for 5G networks. The API supports provisioning and configuring 5G security services that integrate with 5G auth...
An automated red teaming API for assessing the safety and security of generative AI systems including large language models and LLM-powered applications. The API simulates real-...
A REST API within the SaaS Security Posture Management framework providing security-related metrics and configurations for user and service accounts across SaaS environments. Th...
REST APIs for monitoring 5G security services within the SASE platform. Provides telemetry, analytics, and health monitoring data for 5G network security deployments. Complement...
A public JSON API for monitoring Prisma SASE service health and status built on the Atlassian StatusPage platform. Provides endpoints for overall service status, individual comp...
A public JSON API for monitoring the status of all Palo Alto Networks cloud services and products built on the Atlassian StatusPage platform. Provides endpoints for portfolio-wi...
The OAuth 2.0 authentication service that provides access tokens for all Prisma SASE platform APIs. Uses Client ID and Client Secret credentials to generate short-lived bearer t...
A RESTful API for the Expedition 2.0 migration tool enabling programmatic firewall configuration migration from third-party vendors, policy optimization, and rule analysis. Supp...
A REST API for managing notifications and notification profiles across SASE multitenant environments. Supports creating and managing notification profiles, configuring webhook d...
A REST API for managing service provider interconnect configurations within the SASE platform. Enables using service provider backbones for directing Prisma Access egress traffi...
A REST API for the Cloud Identity Engine (CIE) Directory Sync Service that aggregates, normalizes, and provides access to enterprise identity data from multiple directory source...
A REST API enabling Managed Security Service Providers to manage multi-tenant security operations at scale within Prisma Cloud. The API provides endpoints for policy group and t...
A REST API for licensing VM-Series virtual firewalls that do not have direct internet access to the Palo Alto Networks license server. Supports automated license activation, dea...
A REST API for querying the health and performance of Prisma Access network deployments across multiple API versions (v1.0, v2.0, v3.0). Supports data resource queries for tunne...
Zero Trust Network Security
Next-generation firewall policies with application, user, and content awareness for enforcing zero trust across on-premises and cloud environments.
AI-Powered Threat Prevention
Machine learning and deep learning models that detect and prevent known and unknown threats in real time across network traffic, files, and URLs.
Cloud-Native Application Protection
Full lifecycle cloud security spanning code, build, deploy, and runtime with CSPM, CWPP, code security, and data security posture management.
Security Orchestration and Automation
Automated incident response with playbooks, integrations, and case management through Cortex XSOAR and XSIAM platforms.
Extended Detection and Response
Cross-data-source threat detection correlating endpoint, network, cloud, and identity data through Cortex XDR for unified security operations.
AI Runtime Security
Real-time scanning of AI application prompts and responses for prompt injection, data leakage, toxic content, and other AI-specific threats.
Secure Access Service Edge
Cloud-delivered security and networking combining Prisma Access, SD-WAN, ZTNA, and cloud SWG for secure access from any location.
Attack Surface Management
Continuous discovery and monitoring of internet-facing assets and exposures through Cortex Xpanse for external attack surface visibility.
Infrastructure as Code Security
Automated security scanning of Terraform, CloudFormation, Kubernetes, and other IaC templates for misconfigurations before deployment.
Digital Experience Monitoring
End-to-end visibility into application performance and user experience across SASE connections with Autonomous DEM.
Threat Intelligence
Comprehensive threat intelligence through Threat Vault, WildFire malware analysis, DNS Security, and Unit 42 research for proactive defense.
Multi-Tenant Management
Hierarchical tenant management with delegated administration, aggregate monitoring, and shared policy for MSSPs and large enterprises.
SOC Automation
Automate alert triage, incident investigation, and response actions using Cortex XDR, XSOAR playbooks, and XSIAM correlation rules.
Firewall Policy Management
Programmatically manage security policies, address objects, and NAT rules across PAN-OS firewalls and Panorama using REST or XML APIs.
Cloud Security Posture
Monitor and remediate cloud misconfigurations, compliance violations, and vulnerabilities across AWS, Azure, and GCP using Prisma Cloud APIs.
Threat Hunting
Query threat intelligence databases, submit suspicious files for analysis, and correlate IOCs across Threat Vault, WildFire, and DNS Security.
SASE Deployment Automation
Automate Prisma Access remote network onboarding, SD-WAN site configuration, and ZTNA connector deployment using SASE platform APIs.
DevSecOps Pipeline Integration
Embed security scanning into CI/CD pipelines with Prisma Cloud code security APIs for IaC scanning, SCA, and secrets detection.
AI Application Security
Integrate Prisma AIRS API Intercept into AI application code to scan LLM prompts and responses for security threats in real time.
Compliance Monitoring
Continuously assess cloud infrastructure against CIS benchmarks, PCI DSS, HIPAA, SOC 2, and custom compliance standards using Prisma Cloud.
Log Forwarding and SIEM Integration
Forward security logs from firewalls and cloud services to Splunk, QRadar, and other SIEMs using Strata Logging Service APIs.
Multi-Tenant Security Operations
Manage security across tenant hierarchies with aggregate monitoring, shared notifications, and delegated administration for MSSPs.
4 classes · 32 properties
JSON-LD
6 classes · 39 properties
JSON-LD
13 classes · 12 properties
JSON-LD
16 classes · 55 properties
JSON-LD
7 classes · 66 properties
JSON-LD
1 classes · 32 properties
JSON-LD
2 classes · 10 properties
JSON-LD
8 classes · 60 properties
JSON-LD
8 classes · 57 properties
JSON-LD
3 classes · 8 properties
JSON-LD
11 classes · 61 properties
JSON-LD
2 classes · 25 properties
JSON-LD
4 classes · 55 properties
JSON-LD
2 classes · 23 properties
JSON-LD
3 classes · 25 properties
JSON-LD
19 classes · 66 properties
JSON-LD
6 classes · 54 properties
JSON-LD
0 classes · 72 properties
JSON-LD
63 classes · 6 properties
JSON-LD
3 classes · 27 properties
JSON-LD
12 classes · 57 properties
JSON-LD
7 classes · 56 properties
JSON-LD
8 classes · 41 properties
JSON-LD
7 classes · 34 properties
JSON-LD
7 classes · 45 properties
JSON-LD
5 classes · 28 properties
JSON-LD
6 classes · 53 properties
JSON-LD
12 classes · 81 properties
JSON-LD
3 classes · 28 properties
JSON-LD
9 classes · 49 properties
JSON-LD
6 classes · 50 properties
JSON-LD
66 classes · 124 properties
JSON-LD
1 classes · 11 properties
JSON-LD
8 classes · 59 properties
JSON-LD
6 classes · 36 properties
JSON-LD
7 classes · 34 properties
JSON-LD
5 classes · 17 properties
JSON-LD
3 classes · 21 properties
JSON-LD
8 classes · 34 properties
JSON-LD
7 classes · 17 properties
JSON-LD
8 classes · 35 properties
JSON-LD
14 classes · 49 properties
JSON-LD
7 classes · 34 properties
JSON-LD
5 classes · 19 properties
JSON-LD
3 classes · 11 properties
JSON-LD
3 classes · 22 properties
JSON-LD
6 classes · 32 properties
JSON-LD
6 classes · 36 properties
JSON-LD
17 classes · 51 properties
JSON-LD
5 classes · 51 properties
JSON-LD
9 classes · 29 properties
JSON-LD
9 classes · 50 properties
JSON-LD
6 classes · 27 properties
JSON-LD
11 classes · 25 properties
JSON-LD
aid: palo-alto-networks
name: Palo Alto Networks
description: >-
Palo Alto Networks is a global cybersecurity leader providing advanced security platforms and services across network
security, cloud security, and security operations. Its developer platform at pan.dev offers REST and XML APIs for
PAN-OS firewalls, Strata Cloud Manager, Prisma Cloud (CSPM, CWPP, code security), Prisma Access and SD-WAN for SASE,
Cortex XDR/XSOAR/XSIAM for security operations, and cloud-delivered security services including WildFire, Threat
Vault, IoT Security, and DLP.
url: https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/apis.yml
tags:
- Cloud Security
- Cybersecurity
- Firewall
- Network Security
- SASE
- SOAR
- Threat Intelligence
- XDR
created: '2024-01-01'
modified: '2026-05-19'
integrations:
- name: CSP
- name: GSI
- name: MSSP
- name: SP
- name: Solution Providers
- name: Partner Login
maintainers:
- name: Kin Lane
email: [email protected]
apis:
- aid: palo-alto-networks:pan-os-rest-api
name: PAN-OS REST API
tags:
- Configuration
- Firewall
- Network Security
- Policies
- REST API
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{firewall}/restapi/v10.2
humanURL: https://pan.dev/panos/docs/restapi/
properties:
- url: https://pan.dev/panos/docs/restapi/
type: Documentation
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/get-started-with-the-pan-os-rest-api
type: GettingStarted
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/pan-os-rest-api-reference
type: APIReference
- url: >-
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/get-started-with-the-pan-os-rest-api/get-your-api-key
type: Authentication
- url: openapi/palo-alto-pan-os-rest-api-openapi-original.yml
type: OpenAPI
- url: json-schema/pan-os-rest-api-address-group-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-address-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-commit-status-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-nat-rule-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-pan-os-response-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-qos-rule-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-security-rule-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-service-group-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-service-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-tag-schema.json
type: JSONSchema
- url: json-schema/pan-os-rest-api-virtual-system-schema.json
type: JSONSchema
- url: json-schema/pan-os-security-rule-schema.json
type: JSONSchema
- url: json-structure/pan-os-rest-api-address-group-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-address-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-commit-status-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-nat-rule-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-pan-os-response-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-qos-rule-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-security-rule-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-service-group-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-service-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-tag-structure.json
type: JSONStructure
- url: json-structure/pan-os-rest-api-virtual-system-structure.json
type: JSONStructure
- url: json-structure/pan-os-security-rule-structure.json
type: JSONStructure
- url: json-ld/palo-alto-pan-os-rest-api-context.jsonld
type: JSONLD
- url: examples/pan-os-rest-api-address-example.json
type: Example
- url: examples/pan-os-rest-api-address-group-example.json
type: Example
- url: examples/pan-os-rest-api-commit-status-example.json
type: Example
- url: examples/pan-os-rest-api-nat-rule-example.json
type: Example
- url: examples/pan-os-rest-api-pan-os-response-example.json
type: Example
- url: examples/pan-os-rest-api-qos-rule-example.json
type: Example
- url: examples/pan-os-rest-api-security-rule-example.json
type: Example
- url: examples/pan-os-rest-api-service-example.json
type: Example
- url: examples/pan-os-rest-api-service-group-example.json
type: Example
- url: examples/pan-os-rest-api-tag-example.json
type: Example
- url: examples/pan-os-rest-api-virtual-system-example.json
type: Example
- url: examples/pan-os-security-rule-example.json
type: Example
- url: json-ld/palo-alto-pan-os-context.jsonld
type: JSONLD
description: >-
A RESTful API for managing PAN-OS next-generation firewalls including security policies, network objects, address
groups, and device configuration. The REST API provides simplified JSON-based access to common firewall operations
as an alternative to the XML API. Supports CRUD operations on policy rules, address objects, service objects, and
security profiles. Authentication uses API keys generated from the firewall management interface or via the XML
API keygen command.
- aid: palo-alto-networks:pan-os-xml-api
name: PAN-OS XML API
tags:
- Configuration
- Firewall
- Monitoring
- Operations
- XML
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{firewall}/api/
humanURL: https://pan.dev/panos/docs/xmlapi/
properties:
- url: https://pan.dev/panos/docs/xmlapi/
type: Documentation
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/get-started-with-the-pan-os-xml-api
type: GettingStarted
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/pan-os-xml-api-request-types
type: APIReference
- url: >-
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/get-started-with-the-pan-os-xml-api/get-your-api-key
type: Authentication
- url: json-schema/pan-os-security-rule-schema.json
type: JSONSchema
description: >-
The comprehensive XML-based API for PAN-OS providing full access to all firewall configuration, operational
commands, reporting, logging, and commit operations. Supports request types including keygen for authentication,
config for configuration changes using XPath, op for operational commands, report for generating reports, log for
retrieving traffic and threat logs, and user-id for dynamic user-to-IP mapping.
- aid: palo-alto-networks:openconfig-api
name: PAN-OS OpenConfig API
tags:
- Firewall
- gNMI
- Network Automation
- OpenConfig
- Telemetry
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{firewall}
humanURL: https://docs.paloaltonetworks.com/openconfig
properties:
- url: https://docs.paloaltonetworks.com/openconfig
type: Documentation
- url: https://docs.paloaltonetworks.com/openconfig/2-0/openconfig-admin/getting-started
type: GettingStarted
- url: https://docs.paloaltonetworks.com/openconfig/2-0/openconfig-admin/pan-os-models/pan-os-openconfig-xmlapi
type: APIReference
description: >-
Management interface for PAN-OS based on OpenConfig standard data models, providing gNMI and gNOI services through
the OpenConfig plugin. Supports network automation for BGP, interfaces, LACP, LLDP, VLANs, local routes, system,
and platform configuration, as well as telemetry streaming. Includes a PAN-OS OpenConfig XML API for integration
with standard network management tools.
- aid: palo-alto-networks:panorama-api
name: Panorama API
tags:
- Centralized Management
- Device Groups
- Firewall
- Orchestration
- Templates
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{panorama}/api/
humanURL: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/panorama-api
properties:
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/panorama-api
type: Documentation
- url: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api
type: APIReference
description: >-
The Panorama API uses the same PAN-OS XML and REST API interfaces but provides centralized management of multiple
firewalls from a single management server. Supports device group and template stack operations for pushing
configuration to managed firewalls, centralized logging and reporting, and multi-device commit workflows.
Panorama-specific API operations include managing device groups, template stacks, log collectors, and performing
push operations to managed devices.
- aid: palo-alto-networks:strata-cloud-manager-api
name: Strata Cloud Manager API
tags:
- Cloud Management
- Configuration
- NGFW
- SASE
- Unified Management
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://api.strata.paloaltonetworks.com
humanURL: https://pan.dev/scm/docs/home/
properties:
- url: https://pan.dev/scm/docs/home/
type: Documentation
- url: https://pan.dev/scm/api/
type: APIReference
- url: https://pan.dev/scm/docs/getstarted/
type: GettingStarted
- url: https://pan.dev/scm/docs/api-call/
type: GettingStarted
- url: https://pan.dev/scm/docs/api-best-practices/
type: BestPractices
- url: https://pan.dev/scm/docs/release-notes/
type: ChangeLog
- url: openapi/palo-alto-strata-cloud-manager-api-openapi-original.yml
type: OpenAPI
- url: https://github.com/PaloAltoNetworks/scm-go
type: SDK
title: Go SDK
- url: json-schema/strata-cloud-manager-api-address-group-list-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-address-group-request-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-address-group-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-address-list-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-address-request-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-address-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-delete-response-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-job-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-nat-rule-list-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-nat-rule-request-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-nat-rule-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-security-rule-list-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-security-rule-request-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-security-rule-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-service-list-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-service-request-schema.json
type: JSONSchema
- url: json-schema/strata-cloud-manager-api-service-schema.json
type: JSONSchema
- url: json-structure/strata-cloud-manager-api-address-group-list-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-address-group-request-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-address-group-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-address-list-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-address-request-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-address-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-delete-response-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-job-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-nat-rule-list-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-nat-rule-request-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-nat-rule-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-security-rule-list-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-security-rule-request-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-security-rule-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-service-list-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-service-request-structure.json
type: JSONStructure
- url: json-structure/strata-cloud-manager-api-service-structure.json
type: JSONStructure
- url: json-ld/palo-alto-strata-cloud-manager-api-context.jsonld
type: JSONLD
- url: examples/strata-cloud-manager-api-address-example.json
type: Example
- url: examples/strata-cloud-manager-api-address-group-example.json
type: Example
- url: examples/strata-cloud-manager-api-address-group-list-example.json
type: Example
- url: examples/strata-cloud-manager-api-address-group-request-example.json
type: Example
- url: examples/strata-cloud-manager-api-address-list-example.json
type: Example
- url: examples/strata-cloud-manager-api-address-request-example.json
type: Example
- url: examples/strata-cloud-manager-api-delete-response-example.json
type: Example
- url: examples/strata-cloud-manager-api-job-example.json
type: Example
- url: examples/strata-cloud-manager-api-nat-rule-example.json
type: Example
- url: examples/strata-cloud-manager-api-nat-rule-list-example.json
type: Example
- url: examples/strata-cloud-manager-api-nat-rule-request-example.json
type: Example
- url: examples/strata-cloud-manager-api-security-rule-example.json
type: Example
- url: examples/strata-cloud-manager-api-security-rule-list-example.json
type: Example
- url: examples/strata-cloud-manager-api-security-rule-request-example.json
type: Example
- url: examples/strata-cloud-manager-api-service-example.json
type: Example
- url: examples/strata-cloud-manager-api-service-list-example.json
type: Example
- url: examples/strata-cloud-manager-api-service-request-example.json
type: Example
description: >-
A unified cloud-based API for managing Palo Alto Networks next-generation firewalls and SASE from a single
management plane. Strata Cloud Manager provides configuration management for security policies, network objects,
and device settings across hardware, virtual, and cloud-native firewalls. The API uses OAuth 2.0 authentication
with bearer tokens and provides RESTful endpoints for policy lifecycle management, object CRUD operations, and
deployment workflows.
- aid: palo-alto-networks:cloud-ngfw-api
name: Cloud NGFW API
tags:
- AWS
- Azure
- Cloud Security
- Cloud-Native Firewall
- Managed Service
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://api.{region}.aws.cloudngfw.paloaltonetworks.com
humanURL: https://pan.dev/cloudngfw/aws/api/
properties:
- url: https://pan.dev/cloudngfw/aws/api/
type: Documentation
- url: https://pan.dev/cloudngfw/docs/getstarted_azure/
type: GettingStarted
- url: openapi/palo-alto-cloud-ngfw-api-openapi-original.yml
type: OpenAPI
- url: json-schema/cloud-ngfw-api-firewall-request-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-firewall-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-firewall-summary-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-fqdn-list-request-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-fqdn-list-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-fqdn-list-summary-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-prefix-list-request-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-prefix-list-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-prefix-list-summary-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-response-status-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-rule-destination-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-rule-source-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-rule-stack-request-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-rule-stack-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-rule-stack-summary-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-security-rule-request-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-security-rule-schema.json
type: JSONSchema
- url: json-schema/cloud-ngfw-api-security-rule-summary-schema.json
type: JSONSchema
- url: json-structure/cloud-ngfw-api-firewall-request-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-firewall-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-firewall-summary-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-fqdn-list-request-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-fqdn-list-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-fqdn-list-summary-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-prefix-list-request-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-prefix-list-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-prefix-list-summary-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-response-status-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-rule-destination-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-rule-source-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-rule-stack-request-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-rule-stack-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-rule-stack-summary-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-security-rule-request-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-security-rule-structure.json
type: JSONStructure
- url: json-structure/cloud-ngfw-api-security-rule-summary-structure.json
type: JSONStructure
- url: json-ld/palo-alto-cloud-ngfw-api-context.jsonld
type: JSONLD
- url: examples/cloud-ngfw-api-firewall-example.json
type: Example
- url: examples/cloud-ngfw-api-firewall-request-example.json
type: Example
- url: examples/cloud-ngfw-api-firewall-summary-example.json
type: Example
- url: examples/cloud-ngfw-api-fqdn-list-example.json
type: Example
- url: examples/cloud-ngfw-api-fqdn-list-request-example.json
type: Example
- url: examples/cloud-ngfw-api-fqdn-list-summary-example.json
type: Example
- url: examples/cloud-ngfw-api-prefix-list-example.json
type: Example
- url: examples/cloud-ngfw-api-prefix-list-request-example.json
type: Example
- url: examples/cloud-ngfw-api-prefix-list-summary-example.json
type: Example
- url: examples/cloud-ngfw-api-response-status-example.json
type: Example
- url: examples/cloud-ngfw-api-rule-destination-example.json
type: Example
- url: examples/cloud-ngfw-api-rule-source-example.json
type: Example
- url: examples/cloud-ngfw-api-rule-stack-example.json
type: Example
- url: examples/cloud-ngfw-api-rule-stack-request-example.json
type: Example
- url: examples/cloud-ngfw-api-rule-stack-summary-example.json
type: Example
- url: examples/cloud-ngfw-api-security-rule-example.json
type: Example
- url: examples/cloud-ngfw-api-security-rule-request-example.json
type: Example
- url: examples/cloud-ngfw-api-security-rule-summary-example.json
type: Example
description: >-
REST APIs for managing Palo Alto Networks Cloud NGFW, a cloud-native managed firewall service available on AWS and
Azure. The API supports creating and managing firewall resources, configuring security rules and rule stacks,
managing FQDN lists and prefix lists, and retrieving firewall logs. On AWS, authentication uses IAM roles; on
Azure, authentication uses Azure Active Directory.
- aid: palo-alto-networks:wildfire-api
name: WildFire API
tags:
- File Analysis
- Malware Analysis
- Sandbox
- Threat Prevention
- Verdicts
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://wildfire.paloaltonetworks.com/publicapi/
humanURL: https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-api
properties:
- url: https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-api
type: Documentation
- url: https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-api/get-started-with-the-wildfire-api
type: GettingStarted
- url: https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-api
type: APIReference
- url: openapi/palo-alto-wildfire-api-openapi-original.yml
type: OpenAPI
- url: json-schema/wildfire-api-analysis-report-schema.json
type: JSONSchema
- url: json-schema/wildfire-api-bulk-verdict-response-schema.json
type: JSONSchema
- url: json-schema/wildfire-api-sandbox-report-schema.json
type: JSONSchema
- url: json-schema/wildfire-api-submit-response-schema.json
type: JSONSchema
- url: json-schema/wildfire-api-verdict-response-schema.json
type: JSONSchema
- url: json-structure/wildfire-api-analysis-report-structure.json
type: JSONStructure
- url: json-structure/wildfire-api-bulk-verdict-response-structure.json
type: JSONStructure
- url: json-structure/wildfire-api-sandbox-report-structure.json
type: JSONStructure
- url: json-structure/wildfire-api-submit-response-structure.json
type: JSONStructure
- url: json-structure/wildfire-api-verdict-response-structure.json
type: JSONStructure
- url: json-ld/palo-alto-wildfire-api-context.jsonld
type: JSONLD
- url: examples/wildfire-api-analysis-report-example.json
type: Example
- url: examples/wildfire-api-bulk-verdict-response-example.json
type: Example
- url: examples/wildfire-api-sandbox-report-example.json
type: Example
- url: examples/wildfire-api-submit-response-example.json
type: Example
- url: examples/wildfire-api-verdict-response-example.json
type: Example
description: >-
A cloud-based API for submitting files, URLs, and links for advanced malware analysis in the WildFire sandbox
environment. The API returns threat verdicts (benign, malware, grayware, phishing) and detailed analysis reports
including behavioral indicators, network activity, and file artifacts. Supports file submission via multipart form
upload, verdict queries by hash (MD5, SHA-256), and retrieval of PCAP files and detailed analysis reports.
- aid: palo-alto-networks:threat-vault-api
name: Threat Vault API
tags:
- Antivirus
- CVE
- IPS
- Signatures
- Threat Intelligence
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://api.threatvault.paloaltonetworks.com
humanURL: https://pan.dev/threat-vault/api/
properties:
- url: https://pan.dev/threat-vault/api/
type: Documentation
- url: https://pan.dev/cdss/docs/getstarted/
type: GettingStarted
- url: https://pan.dev/cdss/docs/authentication/
type: Authentication
- url: https://pan.dev/cdss/docs/api-call/
type: GettingStarted
- url: openapi/palo-alto-threat-vault-api-openapi-original.yml
type: OpenAPI
- url: json-schema/threat-vault-api-api-stats-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-atp-report-list-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-atp-report-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-release-note-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-release-notes-list-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-threat-history-entry-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-threat-history-list-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-threat-list-schema.json
type: JSONSchema
- url: json-schema/threat-vault-api-threat-signature-schema.json
type: JSONSchema
- url: json-structure/threat-vault-api-api-stats-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-atp-report-list-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-atp-report-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-release-note-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-release-notes-list-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-threat-history-entry-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-threat-history-list-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-threat-list-structure.json
type: JSONStructure
- url: json-structure/threat-vault-api-threat-signature-structure.json
type: JSONStructure
- url: json-ld/palo-alto-threat-vault-api-context.jsonld
type: JSONLD
- url: examples/threat-vault-api-api-stats-example.json
type: Example
- url: examples/threat-vault-api-atp-report-example.json
type: Example
- url: examples/threat-vault-api-atp-report-list-example.json
type: Example
- url: examples/threat-vault-api-release-note-example.json
type: Example
- url: examples/threat-vault-api-release-notes-list-example.json
type: Example
- url: examples/threat-vault-api-threat-history-entry-example.json
type: Example
- url: examples/threat-vault-api-threat-history-list-example.json
type: Example
- url: examples/threat-vault-api-threat-list-example.json
type: Example
- url: examples/threat-vault-api-threat-signature-example.json
type: Example
description: >-
A REST API for querying Palo Alto Networks threat signature metadata, content release notes, and threat
intelligence data. The API provides access to antivirus signatures, anti-spyware signatures, vulnerability
protection (IPS) signatures, and file type identification data. Supports queries by signature ID, CVE, threat
name, and content release version. Replaces the deprecated AutoFocus API for threat intelligence lookups. Requires
an Advanced Threat Prevention or Threat Prevention subscription.
- aid: palo-alto-networks:autofocus-api
name: AutoFocus API (Deprecated)
tags:
- Analysis
- Deprecated
- Malware
- Threat Intelligence
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://autofocus.paloaltonetworks.com/api/v1.0/
humanURL: https://docs.paloaltonetworks.com/autofocus/autofocus-api
properties:
- url: https://docs.paloaltonetworks.com/autofocus/autofocus-api
type: Documentation
- url: https://docs.paloaltonetworks.com/autofocus/autofocus-api/get-started-with-the-autofocus-api
type: GettingStarted
description: >-
A threat intelligence API that provided contextual information about malware, campaigns, and threat actors
observed across the Palo Alto Networks global threat intelligence network. AutoFocus reached end-of-sale on
September 30, 2022, and end-of-support on September 30, 2025. Developers should migrate to the Threat Vault API
for threat signature lookups and to Cortex XDR or XSIAM for advanced threat intelligence and investigation
capabilities.
- aid: palo-alto-networks:iot-security-api
name: IoT Security API
tags:
- Asset Discovery
- Device Security
- IoT
- Network Segmentation
- OT Security
image: https://kinlane-productions2.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{customer}.iot.paloaltonetworks.com/pub/v4.0/
humanURL: https://pan.dev/iot/api/
properties:
- url: https://pan.dev/iot/api/
type: Documentation
- url: openapi/palo-alto-iot-security-api-openapi-original.yml
type: OpenAPI
- url: json-schema/iot-security-api-alert-schema.json
type: JSONSchema
- url: json-schema/iot-security-api-asset-report-schema.json
type: JSONSchema
- url: json-schema/iot-security-api-device-schema.json
type: JSONSchema
- url: json-schema/iot-security-api-device-tag-schema.json
type: JSONSchema
- url: json-schema/iot-security-api-policy-recommendation-schema.json
type: JSONSchema
- url: json-schema/iot-security-api-vulnerability-schema.json
type: JSONSchema
- url: json-structure/iot-security-api-alert-structure.json
type: JSONStructure
- url: json-structure/iot-security-api-asset-report-structure.json
type: JSONStructure
- url: json-structure/iot-security-api-device-structure.json
type: JSONStructure
- url: json-structure/iot-security-api-device-tag-structure.json
type: JSONStructure
- url: json-structure/iot-security-api-policy-recommendation-structure.json
type: JSONStructure
- url: json-structure/iot-security-api-vulnerability-structure.json
type: JSONStructure
- url: json-ld/palo-alto-iot-security-api-context.jsonld
type: JSONLD
- url: examples/iot-security-api-alert-example.json
type: Example
- url: examples/iot-security-api-asset-report-example.json
# --- truncated at 32 KB (215 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/apis.yml
