A simple client for Palo Alto Networks firewall API


panxapi.js is a simple Node.js client for Palo Alto Networks firewall API.

A key can be specified, during creation of the client like this:

var client = panxapi.createPanClient({
  host : '',
  key : 'yourkey',    // optional 
  protocol : 'https'  // optional 

Or it can be generated with the keygen method:

var client = panxapi.createPanClient({
  host : ''
client.keygen('username', 'password', function(errxmletree) {
  if (err) throw err
  console.log(client.key) // outputs URI decoded key 
  console.log(xml)        // outputs XML 

In addition to the XML response, an elementtree object is provided as a convenience.

Once the client has a key, you can make further API requests. You'll want to review the vendor's documentation for more info on the parameters, but here is an example of retrieving the hostname for a firewall's configuration :

// ... remember to create the client and set the key first ... 
var params = {
  type : 'config',
  action : 'get',
  xpath : '/config/devices/entry/deviceconfig/system/hostname'
client.request(params, function(errxmletree) {
  console.log(xml)  // outputs XML response 
$ npm install panxapi

Most of the test can be run with:

$ npm test

Running the acceptance tests requires having access to a Palo Alto firewall and having a filled settings.json similar to the example-settings.json. Once you have that, you can run :

$ mocha -R spec test/acceptance/*