Skip to content

Issue/Help with "Get OAuth Token" #1304

Description

@damray

Documentation link

Describe the problem

Prisma AIRS OAuth Token endpoint doc issue**
While working with the Management API endpoint POST /v1/mgmt/oauth/client_credential/accesstoken (https://pan.dev/prisma-airs/api/airuntimesecurity/management/get-apigee-oauth-token/)), I found that the client_id field in the request body is misleading.
What the doc says:
The body expects client_id (string) — which implies the OAuth Client ID from your service account.
What actually works:
The client_id field must be your API key (the x-pan-token value), not the OAuth Client ID.
So the working curl looks like this:

curl -L 'https://api.sase.paloaltonetworks.com/aisec/v1/mgmt/oauth/client_credential/accesstoken' \
  -H 'Authorization: Bearer <SASE_TOKEN>' \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "<YOUR_X_PAN_TOKEN>",
    "customer_app": "<YOUR_APP_NAME>"
  }'

Using the actual OAuth Client ID returns "GetApigeeOauthToken: API key not found".

Suggested fix

What actually works:
The client_id field must be your API key (the x-pan-token value), not the OAuth Client ID.
So the working curl looks like this:

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions