How to Enable, Regenerate, Extend API Keys

How to Enable, Regenerate, Extend API Keys

Created On 01/24/19 20:03 PM - Last Modified 04/19/24 21:37 PM


CSP provides a portal feature for developers to get API keys for specific Palo Alto Network product REST endpoints.  One API key per CSP account is assigned for each Palo Alto Network product.  The requester of an API key must be a Super User.

A user also must be a Super User to disable (revoke), extend, or regenerate an API key.


Palo Alto Networks API Key


Access API key (you must be a Super User):
  1. Log into the Support Portal 
  2. Select Products.
  3. Select API Key Management.
  4. Select a Palo Alto Networks product, e.g., Licensing, Threat Vault, DNS.
  1. CSP displays a new API key.  Copy and paste the API key into your app endpoint.
  2. Click "Regenerate" to create a new key.  Note that regenerating a new key causes CSP to revoke (invalidate) previously generated API keys. 
  3. Click "Extend" to extend the same key in increments up to one year. 
  4. Click "Disable" to revoke the key.  Note previously generated keys are revoked when a new key is created.  
  • Key will expire one year from the date of generation. 
  • Key may be extended forever but not for more than one year at a time.
  • Account Super Users will receive email notification of pending expiration date 2 weeks, 1 week and 48 hours prior to expiration.

  • Print
  • Copy Link