Skip to main content

Get Client Authentication Access Token

x-prisma-cloud-target-env: {"permission":"none","saas":false,"self-hosted":true}
x-public: true

Retrieves an access token using a client certificate. This endpoint checks the supplied client certificate and authorizes the user based on the username in the certificate's CN or UPN field.

Note: The certificate must be in PEM format, and the certificate file must consist of a client certificate concatenated together with a private key.

cURL Request

Refer to the following example cURL command:

$ curl -k \
--cert <CERT.PEM> \


Refer to the following example cURL response that returns the user's role and an access token that you can use for subsequent API calls:


ConsoleAuthResponse represents the console certificates authentication response

  • role string

    UserRole is the authenticated user role.

  • token string

    Token is the console authentication response token.