Documentation link
https://pan.dev/scm/api/auth/post-auth-v-1-oauth-2-access-token/
Describe the problem
Customers in general do not like Basic Auth and are starting to block it by stripping out the header "Authorization: Basic" from proxies.
Suggested fix
We should change the documentation to put the client id and client secret in the body. Yes, this works already.
curl -s -X POST https://auth.apps.paloaltonetworks.com/oauth2/access_token
-H "Content-Type: application/x-www-form-urlencoded"
-d "grant_type=client_credentials&scope=tsg_id:<tsg_id>&client_id=<client_id>&client_secret=<client_secret>"
Documentation link
https://pan.dev/scm/api/auth/post-auth-v-1-oauth-2-access-token/
Describe the problem
Customers in general do not like Basic Auth and are starting to block it by stripping out the header "Authorization: Basic" from proxies.
Suggested fix
We should change the documentation to put the client id and client secret in the body. Yes, this works already.
curl -s -X POST https://auth.apps.paloaltonetworks.com/oauth2/access_token
-H "Content-Type: application/x-www-form-urlencoded"
-d "grant_type=client_credentials&scope=tsg_id:<tsg_id>&client_id=<client_id>&client_secret=<client_secret>"