Skip to main content


Returns a JWT auth token for accessing the Prisma Cloud APIs. To generate a token, you must have an access key and include the following values in the request body parameter — access key ID as the username and your secret key as the password. Prisma Cloud requires this JWT in the request header to authorize API access. Note that access keys maintain the same level of permissions as the permission group of the account that created them.

If you are a multi-tenant user and the body parameters of your login request include a user name and password instead of an access key ID and secret key. You will also need to provide the prismaId or the customerName. Specifying just the prismaId is preferred, but specifying customerName is an acceptable alternative. Your prismaId is available from the license information in the Prisma Cloud console. It's unnecessary to specify both prismaId and customerName, but if you do specify both, the parameters must indicate the same tenant.

Note that you should specify not only the URL and required headers, but also the request body or payload in any POST /login request. See Use Curl to Generate JWT Tokens in Prisma Cloud for a detailed example.

Request Body required

Model used for authentication

  • customerName string

    Customer Name

  • password string required

    Secret key

  • prismaId string

    Unique Prisma Identifier

  • username string required

    Access key ID


successful operation

  • customerNames object[]

    Customer names and property list

  • Array [
  • customerName string

    Customer Name

  • prismaId string

    Prisma Identifier

  • tosAccepted boolean

    Terms of Service Accepted

  • ]
  • message string

    Authentication status

  • roles string[]

    List of user permissions based on user role type. This attribute is populated only for the refresh token response.

  • token string

    JSON Web Token (JWT)