For secure access to the Prisma Cloud REST API, you need a Prisma Cloud API access key. An access key includes an Access Key ID and a Secret Key. After you use Prisma Cloud to generate an access key, you can use the key to obtain a JSON Web Token (JWT), which is required to authenticate Prisma Cloud REST API requests. The following steps summarize the API requests necessary to authenticate all other Prisma Cloud API requests.
Use the POST /login request to obtain a JWT.
Authenticate further REST API requests by submitting the JWT in an HTTP header parameter. The following shows the HTTP header parameter key.
HTTP Request Header Parameter Value x-redlock-auth Your JWT from POST /login response
Refresh the JWT when necessary. The JWT is valid for 10 minutes, and you must refresh the token for continued access to the Prisma Cloud API. An expired JWT request causes an HTTP 401 (Unauthorized) response. You can use the GET /auth_token/extend request to obtain a refreshed JWT.
Returns a JWT auth token for accessing the Prisma Cloud APIs. To generate a token, you must have an access key and include the following values in the request body parameter — access key ID as the username and your secret key as the password. Prisma Cloud requires this JWT in the request header to authorize API access. Note that access keys maintain the same level of permissions as the permission group of the account that created them.
📄️ Refresh Session
Extend a user's session. The JWT token returned is valid until the next session timeout occurs. This method requires a valid session token to be passed (token from a prior successful extend or login calls).