WF API keys - Regeneration, Generation or Expired

WF API keys - Regeneration, Generation or Expired

7082
Created On 12/19/18 10:09 AM - Last Modified 11/19/25 21:00 PM


Question


Q: What is WF API?
A: Access to the WildFire API is available if at least one FW has an active WildFire subscription registered to CSP.  WF API can be used by all CSP members. WF API key is assigned when company purchases first firewall WildFire subscription and expires when the subscription expires. If account  has multiple firewalls with WF  subscriptions, the API key is tied to the subscription that expires last. WF API key cannot be deleted -  it only expires.
Advanced WF and WF API keys allows up to 150  sample uploads per day and up to 1050 report queries per day. The daily limit resets at 23:59:00 UTC. Users are  also limited to 100MB sample sizes when submitting samples to the WildFire cloud. WF API keys are tied to a specific CSP, not to firewall serial number.  
With Advanced WF subscription the customers still will see "Standard" API key in their WF portal. 
The naming convention in WF portal refers to "Standard" API key as they key that is available with firewall WF subscription (WF or AWF).
The customers who have WF API standalone license will see in their WF Portal "Advanced" type of WF API key that gives them access to advanced file analysis and scan file types like images through API

WildFire API Limits


Q: When do we need to generate a WF API key?
A: If CSP doesn’t have API Key anytime and needs a API key to be generated for the first time. We reach out to IAD for it by opening an incident with IAD.
Note that if a user activates a WF subscription - API key will be generated immediately and automatically.

Q:  When do we need  re-generate WF API key?
A:  If user transfers a device from one account to another account and if the device has WF then the WF API key will NOT be regenerated automatically and needs to be regenerated. In these cases we reach to IAD to regenerate the API key. When IAD regenerates the license key -  old key will be in the “revoked”  status. There is no problem with old key. Advise customer to use the new key.

Q: What to do if the Wildfire API key is expired?
A: Open an incident with IAD so they can regenerate a new WF API key.   Once this has been completed the customer will see the expired key and the New "Valid" key.  The customer will use the new "Valid" key.  
User-added image
** Please note that the CSP must have a Physical Firewall with WF license. VMs with Wildfire feature subscription, are not included to the validity of WildFire API Key expiration.

Q: What is the difference Eval  WF API vs  WF API ?
A:  When a customer does a WF eval - they will have an Eval API key

     When they purchase and activate a purchased  WF license, a new API key will be created. This new API key will be used to connect to the WildFire cloud. 
     The Eval key does not get converted to the production API key.
     When customer renews WF, a new renewal API key will be created.

Q: What to do if the Wildfire API Key need to be revoked?
A: Please open an admin case. We can revoke the requested Wildfire API Key.
 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmTfCAK&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language