Skip to main content




Returns a JWT auth token for accessing the Prisma Cloud APIs. To generate a token, you must have an access key and include the following values in the request body parameter — access key ID as the username and your secret key as the password. Prisma Cloud requires this JWT in the request header to authorize API access. Note that access keys maintain the same level of permissions as the permission group of the account that created them.

If you are a multi-tenant user and the body parameters of your login request include a user name and password instead of an access key ID and secret key. You will also need to provide the prismaId or the customerName. Specifying just the prismaId is preferred, but specifying customerName is an acceptable alternative. Your prismaId is available from the license information in the Prisma Cloud console. It's unnecessary to specify both prismaId and customerName, but if you do specify both, the parameters must indicate the same tenant.

Note that you should specify not only the URL and required headers, but also the request body or payload in any POST /login request. See Use Curl to Generate JWT Tokens in Prisma Cloud for a detailed example.




Model used for authentication

    customerName string

    Customer Name

    password stringrequired

    Secret key

    prismaId string

    Unique Prisma Identifier

    username stringrequired

    Access key ID


successful operation

    customerNames object[]

    Customer names and property list

  • Array [
  • customerName string

    Customer Name

    prismaId string

    Prisma Identifier

    tosAccepted boolean

    Terms of Service Accepted

  • ]
  • message string

    Authentication status

    roles string[]

    List of user permissions based on user role type. This attribute is populated only for the refresh token response.

    token string

    JSON Web Token (JWT)