Palo Alto Networks · Capability

Palo Alto Networks Secure Access

Unified secure access capability for managing remote networks, ZTNA connectors, SD-WAN sites, 5G network slices, and SASE configuration across Prisma Access, ZTNA Connector, SD-WAN, Config Orchestration, and 5G APIs.

Run with Naftiko Palo Alto NetworksSecure AccessSASESD-WANZTNA5GService Provider Interconnect

What You Can Do

GET

List remote networks — List all remote networks with pagination.

/v1/remote-networks

POST

Create remote network — Create a new remote network.

/v1/remote-networks

GET

Get remote network — Get a specific remote network by ID.

/v1/remote-networks/{id}

PUT

Update remote network — Update a specific remote network by ID.

/v1/remote-networks/{id}

DELETE

Delete remote network — Delete a specific remote network by ID.

/v1/remote-networks/{id}

GET

List service connections — List all service connections with pagination.

/v1/service-connections

POST

Create service connection — Create a new service connection.

/v1/service-connections

GET

Get service connection — Get a specific service connection by ID.

/v1/service-connections/{id}

PUT

Update service connection — Update a specific service connection by ID.

/v1/service-connections/{id}

DELETE

Delete service connection — Delete a specific service connection by ID.

/v1/service-connections/{id}

GET

Get mobile agent settings — Get mobile agent infrastructure settings.

/v1/mobile-agent-settings

POST

Create mobile agent settings — Create or update mobile agent infrastructure settings.

/v1/mobile-agent-settings

GET

List ike gateways — List all IKE gateways with pagination.

/v1/ike-gateways

GET

List orchestrated remote networks — List all orchestrated remote networks with optional filtering.

/v1/orchestrated-remote-networks

POST

Create orchestrated remote network — Create a new orchestrated remote network configuration.

/v1/orchestrated-remote-networks

GET

Get orchestrated remote network — Get details of a specific orchestrated remote network by ID.

/v1/orchestrated-remote-networks/{id}

PUT

Update orchestrated remote network — Update an existing orchestrated remote network configuration.

/v1/orchestrated-remote-networks/{id}

DELETE

Delete orchestrated remote network — Delete an orchestrated remote network by ID.

/v1/orchestrated-remote-networks/{id}

POST

Refresh ike gateway — Refresh the IKE gateway for a specific remote network.

/v1/orchestrated-remote-networks/{id}/refresh-ike-gateway

GET

Get bandwidth allocations — Get bandwidth allocations optionally filtered by location.

/v1/bandwidth-allocations

GET

List access locations — List all available Prisma Access locations.

/v1/access-locations

GET

Get onboarding status — Get the onboarding status for a specific resource.

/v1/onboarding-status/{id}

GET

List ztna connectors — List all ZTNA connectors.

/v1/ztna-connectors

POST

Create ztna connector — Create a new ZTNA connector.

/v1/ztna-connectors

GET

Get ztna connector — Get a specific ZTNA connector by ID.

/v1/ztna-connectors/{connector_id}

PUT

Update ztna connector — Update a specific ZTNA connector by ID.

/v1/ztna-connectors/{connector_id}

DELETE

Delete ztna connector — Delete a specific ZTNA connector by ID.

/v1/ztna-connectors/{connector_id}

POST

Schedule connector upgrade — Schedule an upgrade for a ZTNA connector.

/v1/ztna-connectors/{connector_id}/upgrade

GET

List connector groups — List all ZTNA connector groups.

/v1/connector-groups

POST

Create connector group — Create a new ZTNA connector group.

/v1/connector-groups

GET

Get connector group — Get a specific ZTNA connector group by ID.

/v1/connector-groups/{group_id}

PUT

Update connector group — Update a specific ZTNA connector group by ID.

/v1/connector-groups/{group_id}

DELETE

Delete connector group — Delete a specific ZTNA connector group by ID.

/v1/connector-groups/{group_id}

GET

List ztna applications — List all ZTNA applications.

/v1/ztna-applications

POST

Create ztna application — Create a new ZTNA application.

/v1/ztna-applications

GET

Get ztna application — Get a specific ZTNA application by ID.

/v1/ztna-applications/{app_id}

PUT

Update ztna application — Update a specific ZTNA application by ID.

/v1/ztna-applications/{app_id}

DELETE

Delete ztna application — Delete a specific ZTNA application by ID.

/v1/ztna-applications/{app_id}

GET

List fqdn rules — List all FQDN rules.

/v1/fqdn-rules

POST

Create fqdn rule — Create a new FQDN rule.

/v1/fqdn-rules

GET

List subnet rules — List all subnet rules.

/v1/subnet-rules

POST

Create subnet rule — Create a new subnet rule.

/v1/subnet-rules

GET

Get ztna licenses — Get ZTNA license information.

/v1/ztna-licenses

GET

List sdwan sites — Retrieve a list of SD-WAN sites.

/v1/sd-wan-sites

POST

Create sdwan site — Create a new SD-WAN site.

/v1/sd-wan-sites

GET

Get sdwan site — Retrieve details for a specific SD-WAN site.

/v1/sd-wan-sites/{site_id}

PUT

Update sdwan site — Update an existing SD-WAN site.

/v1/sd-wan-sites/{site_id}

DELETE

Delete sdwan site — Delete an SD-WAN site.

/v1/sd-wan-sites/{site_id}

GET

List wan interfaces — Retrieve WAN interfaces for a specific site.

/v1/sd-wan-sites/{site_id}/wan-interfaces

POST

Create wan interface — Create a WAN interface for a specific site.

/v1/sd-wan-sites/{site_id}/wan-interfaces

GET

List lan networks — Retrieve LAN networks for a specific site.

/v1/sd-wan-sites/{site_id}/lan-networks

POST

Create lan network — Create a LAN network for a specific site.

/v1/sd-wan-sites/{site_id}/lan-networks

GET

List qos rules — Retrieve a list of QoS rules.

/v1/qos-rules

POST

Create qos rule — Create a new QoS rule.

/v1/qos-rules

GET

List path rules — Retrieve a list of path rules.

/v1/path-rules

POST

Create path rule — Create a new path rule.

/v1/path-rules

GET

Get site metrics — Retrieve monitoring metrics for a specific site.

/v1/sd-wan-sites/{site_id}/metrics

GET

Get application usage — Retrieve application usage metrics across the SD-WAN.

/v1/application-usage

GET

List sdwan alarms — Retrieve a list of SD-WAN alarms.

/v1/sd-wan-alarms

GET

List network slices — Retrieve a list of 5G network slices.

/v1/network-slices

POST

Create network slice — Create a new 5G network slice.

/v1/network-slices

GET

Get network slice — Retrieve details for a specific network slice.

/v1/network-slices/{slice_id}

PUT

Update network slice — Update an existing network slice.

/v1/network-slices/{slice_id}

DELETE

Delete network slice — Delete a network slice.

/v1/network-slices/{slice_id}

GET

List 5g security policies — Retrieve a list of 5G security policies.

/v1/5g-security-policies

POST

Create 5g security policy — Create a new 5G security policy.

/v1/5g-security-policies

GET

Get 5g security policy — Retrieve details for a specific 5G security policy.

/v1/5g-security-policies/{policy_id}

PUT

Update 5g security policy — Update an existing 5G security policy.

/v1/5g-security-policies/{policy_id}

DELETE

Delete 5g security policy — Delete a 5G security policy.

/v1/5g-security-policies/{policy_id}

GET

List 5g tenants — Retrieve a list of 5G tenants.

/v1/5g-tenants

POST

Create 5g tenant — Create a new 5G tenant.

/v1/5g-tenants

GET

Get 5g tenant — Retrieve details for a specific 5G tenant.

/v1/5g-tenants/{tenant_id}

PUT

Update 5g tenant — Update an existing 5G tenant.

/v1/5g-tenants/{tenant_id}

DELETE

Delete 5g tenant — Delete a 5G tenant.

/v1/5g-tenants/{tenant_id}

GET

Get 5g security metrics — Retrieve 5G security monitoring metrics.

/v1/5g-metrics

MCP Tools

list-remote-networks

List all Prisma Access remote networks with pagination.

read-only idempotent

create-remote-network

Create a new Prisma Access remote network.

get-remote-network

Get a specific Prisma Access remote network by ID.

read-only idempotent

update-remote-network

Update a specific Prisma Access remote network by ID.

idempotent

delete-remote-network

Delete a specific Prisma Access remote network by ID.

idempotent

list-service-connections

List all Prisma Access service connections with pagination.

read-only idempotent

create-service-connection

Create a new Prisma Access service connection.

get-service-connection

Get a specific Prisma Access service connection by ID.

read-only idempotent

update-service-connection

Update a specific Prisma Access service connection by ID.

idempotent

delete-service-connection

list-ztna-applications

List all ZTNA applications.

read-only idempotent

create-ztna-application

Create a new ZTNA application.

get-ztna-application

Get a specific ZTNA application by ID.

read-only idempotent

update-ztna-application

Update a specific ZTNA application by ID.

idempotent

delete-ztna-application

Delete a specific ZTNA application by ID.

Retrieve a list of SD-WAN sites.

read-only idempotent

create-sdwan-site

Create a new SD-WAN site.

get-sdwan-site

Retrieve details for a specific SD-WAN site.

read-only idempotent

update-sdwan-site

Update an existing SD-WAN site.

idempotent

delete-sdwan-site

Delete an SD-WAN site.

Retrieve application usage metrics across the SD-WAN.

read-only idempotent

list-sdwan-alarms

Retrieve a list of SD-WAN alarms.

read-only idempotent

list-orchestrated-remote-networks

List all orchestrated remote networks with optional filtering by location and status.

read-only idempotent

Retrieve 5G security monitoring metrics.

read-only idempotent

Who This Is For

👤

Network Architect

Designs SASE and SD-WAN network architectures for secure remote access.

👤

SASE Administrator

Manages Prisma Access, SD-WAN, and ZTNA configurations for the SASE platform.

👤

SD-WAN Operator

Manages SD-WAN sites, WAN interfaces, and path policies for branch connectivity.

APIs Used

prisma-access ztna-connector prisma-sd-wan sase-config-orchestration sase-5g sase-multitenant-interconnect