Skip to main content

CSPM API Request Basics

Use the following guidelines to ensure that your Cloud Security Posture Management (CSPM) API requests to Prisma Cloud are successful.

Prerequisites for a CSPM Requestโ€‹

To make a CSPM API request, you must have the right privileges and authorization for the request.

CSPM User Rolesโ€‹

To have the right privileges to make a CSPM API request, you must have a Prisma Cloud user role with sufficient permissions. See Prisma Cloud Administrator Permissions for the permissions associated with each role.

CSPM API Authorizationโ€‹

To have the right authorization for a CSPM API request, follow the high-level steps below:

  1. Obtain an access key from your Prisma Cloud system administrator.
  2. Make a CSPM API request to log in . A successful request returns a JSON Web Token (JWT).

Almost all CSPM API requests use this JWT for authorization. Note that for security, a JWT is valid for only ten minutes. If your session must be active beyond that limit, you can extend a session.

See Getting Started for detailed steps to obtain an access key and to log in to obtain a JWT token.

Components of a CSPM Requestโ€‹

The sections below describe the components of a successful CSPM API request.

Base URLโ€‹

The base URL of your CSPM API request depends on the region of your Prisma Cloud tenant and is similar to your Prisma Cloud administrative console URL. See URLs for a list of Prisma Cloud console URLs and corresponding CSPM API base URLs.

HTTP Methodsโ€‹

The CSPM API uses the standard HTTP methods GET, POST, PUT, PATCH, and DELETE.

You can retrieve certain CSPM resources through either a GET or a POST request. Examples include but are not limited to alert lists, compliance posture, and some asset inventory lists. While both methods result in the same response, use POST if:

  • You donโ€™t want to include your request parameters in the request URL.
  • Your request parameters are complex and, therefore, easier to define in the body of a POST request.

Required Request Headersโ€‹

See Headers for information about required request headers.

Request Parameters and Common Data Modelsโ€‹

Both query and request body parameters can include certain CSPM common data models. The following sections provide details about their use:

Error Responsesโ€‹

See Error Responses for information about error handling.