Skip to main content

Cloud Security API

Cloud Security APIs require right privileges

Cloud Security User Roles

To have the right privileges for a Cloud Security API request, you must have a Prisma Cloud user role with sufficient permissions. If you are upgraded to the Darwin release, see Prisma Cloud user role. For the permissions associated with each role, see Prisma Cloud Administrator Permissions. If you are upgraded to the Darwin release, see Prisma Cloud Administrator Permissions.

Cloud Security API Authorization

To have the right authorization for a Cloud Security API request, follow the high-level steps below:

  1. Obtain an access key from your Prisma Cloud system administrator. If you are upgraded to the Darwin release, see Obtain an access key.
  2. Make a Cloud Security API request to log in . A successful request returns a JSON Web Token (JWT).

Almost all Cloud Security API requests use this JWT for authorization. Note that for security, a JWT is valid for only ten minutes. If your session must be active beyond that limit, you can extend a session.

See Getting Started for detailed steps to obtain an access key and to log in to obtain a JWT token.

Components of a Cloud Security Request

The sections below describe the components of a successful Cloud Security API request.

Base URL

The base URL of your Cloud Security API request depends on the region of your Prisma Cloud tenant and is similar to your Prisma Cloud administrative console URL. See URLs for a list of Prisma Cloud console URLs and corresponding Cloud Security API base URLs.

HTTP Methods

The Cloud Security API uses the standard HTTP methods GET, POST, PUT, PATCH, and DELETE.

You can retrieve certain Cloud Security resources through either a GET or a POST request. Examples include but are not limited to alert lists, compliance posture, and some asset inventory lists. While both methods result in the same response, use POST if:

  • You don’t want to include your request parameters in the request URL.
  • Your request parameters are complex and, therefore, easier to define in the body of a POST request.

Required Request Headers

See Headers for information about required request headers.

Request Parameters and Common Data Models

Both query and request body parameters can include certain Cloud Security common data models. The following sections provide details about their use:

Error Responses

See Error Responses for information about error handling.

Stay Up to Date

Check the status notifications for the Prisma Cloud release schedule to stay up to date with the new features and functionality.