Palo Alto Networks · OAuth Scopes
Palo Alto Networks OAuth Scopes
OAuth 2.0
searched
Palo Alto Networks publishes 1 OAuth 2.0 scope via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Palo Alto Networks API on a user’s behalf.
Tokens are issued from https://auth.apps.paloaltonetworks.com/oauth2/access_token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Scopes: 1
Flows: clientCredentials
Method: searched
OAuth endpoints
Token URL
https://auth.apps.paloaltonetworks.com/oauth2/access_token
https://auth.apps.paloaltonetworks.com/oauth2/access_token
Flows
clientCredentials
clientCredentials
Scopes (1)
| Scope | Description | Flows |
|---|---|---|
| tsg_id: |
Scopes the access token to a single Tenant Service Group (TSG), identified by its 10-digit TSG ID (e.g. scope=tsg_id:1838006364). The service account used to authenticate must belong to the named TSG or an ancestor of it; all API requests made with the token are routed to that tenant. This is the only scope form the Prisma SASE Authentication Service documents. |
📄 Provider scope reference: https://pan.dev/sase/docs/scope/