Cloud Security API
Cloud Security APIs require right privileges
Cloud Security User Roles
To have the right privileges for a Cloud Security API request, you must have a Prisma Cloud user role with sufficient permissions. If you are upgraded to the Darwin release, see Prisma Cloud user role. For the permissions associated with each role, see Prisma Cloud Administrator Permissions. If you are upgraded to the Darwin release, see Prisma Cloud Administrator Permissions.
Cloud Security API Authorization
To have the right authorization for a Cloud Security API request, follow the high-level steps below:
- Obtain an access key from your Prisma Cloud system administrator. If you are upgraded to the Darwin release, see Obtain an access key.
- Make a Cloud Security API request to log in . A successful request returns a JSON Web Token (JWT).
Almost all Cloud Security API requests use this JWT for authorization. Note that for security, a JWT is valid for only ten minutes. If your session must be active beyond that limit, you can extend a session.
See Getting Started for detailed steps to obtain an access key and to log in to obtain a JWT token.
Components of a Cloud Security Request
The sections below describe the components of a successful Cloud Security API request.
Base URL
The base URL of your Cloud Security API request depends on the region of your Prisma Cloud tenant and is similar to your Prisma Cloud administrative console URL. See URLs for a list of Prisma Cloud console URLs and corresponding Cloud Security API base URLs.
HTTP Methods
The Cloud Security API uses the standard HTTP methods GET, POST, PUT, PATCH, and DELETE.
You can retrieve certain Cloud Security resources through either a GET or a POST request. Examples include but are not limited to alert lists, compliance posture, and some asset inventory lists. While both methods result in the same response, use POST if:
- You don’t want to include your request parameters in the request URL.
- Your request parameters are complex and, therefore, easier to define in the body of a
POSTrequest.
Required Request Headers
See Headers for information about required request headers.
Request Parameters and Common Data Models
Both query and request body parameters can include certain Cloud Security common data models. The following sections provide details about their use:
- The Time Range Model enables you to specify windows of time.
- The Integration Configurations are specific to API requests that add, update, or test a third-party integration with Prisma Cloud.
Error Responses
See Error Responses for information about error handling.
Stay Up to Date
Check the status notifications for the Prisma Cloud release schedule to stay up to date with the new features and functionality.