CSPM API requests require right privileges
CSPM User Roles
To have the right privileges for a CSPM API request, you must have a Prisma Cloud user role with sufficient permissions. See Prisma Cloud Administrator Permissions for the permissions associated with each role.
CSPM API Authorization
To have the right authorization for a CSPM API request, follow the high-level steps below:
- Obtain an access key from your Prisma Cloud system administrator.
- Make a CSPM API request to log in . A successful request returns a JSON Web Token (JWT).
Almost all CSPM API requests use this JWT for authorization. Note that for security, a JWT is valid for only ten minutes. If your session must be active beyond that limit, you can extend a session.
See Getting Started for detailed steps to obtain an access key and to log in to obtain a JWT token.
Components of a CSPM Request
The sections below describe the components of a successful CSPM API request.
The base URL of your CSPM API request depends on the region of your Prisma Cloud tenant and is similar to your Prisma Cloud administrative console URL. See URLs for a list of Prisma Cloud console URLs and corresponding CSPM API base URLs.
The CSPM API uses the standard HTTP methods
You can retrieve certain CSPM resources through either a
GET or a
POST request. Examples include but are not limited to alert lists, compliance posture, and some asset inventory lists. While both methods result in the same response, use
- You don’t want to include your request parameters in the request URL.
- Your request parameters are complex and, therefore, easier to define in the body of a
Required Request Headers
See Headers for information about required request headers.
Request Parameters and Common Data Models
Both query and request body parameters can include certain CSPM common data models. The following sections provide details about their use:
- The Time Range Model enables you to specify windows of time.
- The Integration Configurations are specific to API requests that add, update, or test a third-party integration with Prisma Cloud.
See Error Responses for information about error handling.
Stay Up to Date
Check the status notifications for the Prisma Cloud release schedule to stay up to date with the new features and functionality.