Skip to main content

CSPM API Request Basics

Use the following guidelines to ensure that your CSPM API request is successful.

Prerequisites of a Request#

Before you can make a CSPM API request, you need to make sure you have the right privileges and authorization for the request.

Roles#

To make an API request, you must have a Prisma Cloud role with sufficient permissions. See Prisma Cloud Administrator Permissions for the permissions associated with each role.

Authentication/Authorization#

Almost all CSPM API endpoints use JSON Web Tokens (JWT) to authorize requests. Log in to obtain a valid JWT. Note that for security, a JWT is valid for only ten minutes. If your session must be active beyond that limit, you can extend a session.

See Getting Started for steps to obtain access keys and use them when you log in.

Components of a Single Request#

The sections below describe the components of a successful CSPM API request.

URL#

The base URL of your CSPM API request depends on the region of your Prisma Cloud tenant and is similar to your Prisma Cloud administrative console URL. See URLs for a list of Prisma Cloud console URLs and corresponding CSPM API base URLs.

Methods#

The CSPM API uses standard HTTP methods GET, POST, PUT, PATCH, and DELETE.

Certain resources are available through either a GET or a POST request. Examples include but are not limited to alert lists, compliance posture, and some asset inventory lists. While both options result in the same response, use POST if:

  • You don’t want to include your request parameters in the request URL.
  • Your request parameters are complex and, therefore, easier to define in the body of a POST request.

Request Headers#

See Headers for information about required request headers.

Request Parameters#

Both query and request body parameters can include certain data models in CSPM. The following sections provide details about their use:

Errors#

See Error Responses for information about error handling.