Skip to content

Instantly share code, notes, and snippets.

@jworl

jworl/palo-alto-api-notes

Last active Apr 15, 2020
Embed
What would you like to do?
## upload config
curl -u admin:${p} -k --form file="@./path/to/cloud-portal-template.xml" "https://${ip}/api/?type=import&category=configuration"
<response status="success"><msg><line>cloud-portal-template.xml saved</line></msg></response>
## load config
curl -u admin:${p} -k "https://${ip}/api/?type=op&cmd=<load><config><from>cloud-portal-template.xml</from></config></load>"
<response status="success"><result><msg><line>Config loaded from cloud-portal-template.xml</line></msg></result></response>
## commit config
curl -u admin:${p} -k "https://${ip}/api/?type=commit&cmd=<commit><force></force></commit>"
<response status="success" code="19"><result><msg><line>Commit job enqueued with jobid 3</line></msg><job>3</job></result></response>
## Auto license but FYI-- haven't found way to retrieve on FW through API
curl -i -H "apikey:${licensetoken}" --data-urlencode cpuid="AWS:ASDFASDGASDG" --data-urlencode uuid="EC2NOTEE-CTHE-REAL-FKEY-7FEAAAAAF0B9" --data-urlencode authCode=${AUTHCODE} https://api.paloaltonetworks.com/api/license/activate
## request API token
curl -k "https://${ip}/api/?type=keygen&user=admin&password=${p}"
<response status = 'success'><result><key>NOTTHEREALKEYD</key></result></response>
## globalprotect client download
curl -k "https://${ip}/api/?type=op&cmd=<request><global-protect-client><software><download><version>5.1.1</version></download></software></global-protect-client></request>&key=${apitok}"
<response status="success" code="19"><result><msg><line>Download job enqueued with jobid 6</line></msg><job>6</job></result></response>
## globalprotect client activate
curl -k "https://${ip}/api/?type=op&cmd=<request><global-protect-client><software><activate><version>5.1.1</version></activate></software></global-protect-client></request>&key=${apitok}"
<response status="success" code="19"><result><msg><line>client package activate job enqueued with jobid 7. Run 'show jobs id 7' to monitor its status. </line></msg><job>7</job></result></response>
## import xml for saml
curl -k -F file=@sa-east-1.xml -g "https://${ip}/api/?key=${apitok}&type=import&category=idp-metadata&profile-name=Okta-Prod"
<response status="success"><result>Successfully imported Okta-Prod into candidate configuration</result></response>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment