Update an existing application (full replacement)

put /platform/integration/v1/external-application/{application_id}

Allows the user to edit an external application and specify its new attributes. To see the possible application_type values, please check the relevant enum in the ExternalApplication schema for additional information. The connection_config attribute is where a user would define AWS SQS, AWS S3, Splunk, Syslog, and webhook configurations; the required formats for these fields are documented in the respective schemas that are linked to the base ConnectionConfig schema. Please ensure that you have setup the proper egress configurations on the Cortex Gateway; this API verifies the new connection against the egress configurations specified for the given tenant. If assistance is required, please utilize the cue on the UI menu for creating a new external application configuration.

Path parameters

application_id String required

The unique identifier of the application.

Example: e94fbc98-3053-6506-876b-f809f344f118

CLIENT REQUEST

          curl -X 'PUT'

        -H
        'Accept: application/json'
      

        -H
        'Content-Type: application/json'
      

      'https://api-cortex.paloaltonetworks.com/platform/integration/v1/external-application/{application_id}'
    

      -d
      '{
  "request_data" : {
    "application_type" : "syslog",
    "connection_config" : {
      "url" : "https://webhook.site/305650415-aad3-45ac-9d92-2455105edb96"
    },
    "name" : "name",
    "description" : "description"
  }
}'
    


      

import http.client

conn = http.client.HTTPSConnection("api-")

payload = "{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}"

headers = { 'content-type': "application/json" }

conn.request("PUT", "%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Put.new(url)
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}"

response = http.request(request)
puts response.read_body

const data = JSON.stringify({
  "request_data": {
    "name": "string",
    "description": "string",
    "application_type": "syslog",
    "connection_config": {
      "url": "string",
      "http_method": "POST",
      "headers": {}
    }
  }
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("PUT", "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118");
xhr.setRequestHeader("content-type", "application/json");

xhr.send(data);

HttpResponse<String> response = Unirest.put("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118")
  .header("content-type", "application/json")
  .body("{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}")
  .asString();

import Foundation

let headers = ["content-type": "application/json"]
let parameters = ["request_data": [
    "name": "string",
    "description": "string",
    "application_type": "syslog",
    "connection_config": [
      "url": "string",
      "http_method": "POST",
      "headers": []
    ]
  ]] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "PUT"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()

<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "PUT",
  CURLOPT_POSTFIELDS => "{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}",
  CURLOPT_HTTPHEADER => [
    "content-type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

CURL *hnd = curl_easy_init();

curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PUT");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118");

struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}");

CURLcode ret = curl_easy_perform(hnd);

var client = new RestClient("https://api-/%7Bfqdn%7D/platform/integration/v1/external-application/e94fbc98-3053-6506-876b-f809f344f118");
var request = new RestRequest(Method.PUT);
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"name\":\"string\",\"description\":\"string\",\"application_type\":\"syslog\",\"connection_config\":{\"url\":\"string\",\"http_method\":\"POST\",\"headers\":{}}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

Body parameters

application/json

Enumerates the parameters for an external application request object

request_dataobject

namestringrequired

Name of the application.

descriptionstring

Description of the application.

application_typestring (Enum)required

The type of application instance.

Allowed values:"syslog""webhook""splunk""aws_sqs""aws_s3"

connection_configobjectrequired

Connection configuration based on application_type.

One of

urlstringrequiredurl

webhook URL.

http_methodstring (Enum)

Default:"POST"

Allowed values:"POST""PUT"

headersobject

Custom HTTP headers to include.

hec_endpointstringrequiredurl

Splunk HTTP Event Collector (HEC) endpoint.

auth_tokenstringrequired

HEC authentication token.

queue_urlstringrequiredurl

The SQS queue destination URL.

access_keystring

secret_keystring

role_arnstring

connection_typestring (Enum)

Default:"ROLE_ARN"

Allowed values:"ROLE_ARN""ACCESS_KEY"

s3_uristringrequiredurl

Amazon S3 bucket URI

regionstringrequired

AWS region where the S3 bucket resides

role_arnstringrequired

Role ARN associated with the IAM role for S3 access

roll_up_intervalinteger (Enum)int32

Roll-up interval for metrics or data aggregation (in minutes)

Default:60

Allowed values:153060180

portintegerrequired

protocolstring (Enum)required

Allowed values:"UDP""TCP""TLS"

facilitystringrequired

Choose one of the syslog standard values. The value maps to how your syslog server uses the facility field to manage messages. For details on the facility field, see RFC 5424.

addressstringrequired

IP address or fully qualified domain name (FQDN) of the syslog server.

security_infoobject

certificate_namestring

When using TLS for communication between Cortex and the syslog server, Cortex validates that the syslog receiver has a certificate. Specify the certificate name here.

ignore_cert_errorsboolean

Whether to ignore certificate errors. For security reasons, this is not recommended. If you set this to true, logs will be forwarded even if the certificate contains errors.

certificate_contentstringbinary

Binary string of the certificate.

REQUEST
{
  "request_data": {
    "name": "Test External Application 03",
    "description": "test description for the given external application",
    "application_type": "webhook",
    "connection_config": {
      "url": "https://webhook.site/305650415-aad3-45ac-9d92-2455105edb96",
      "http_method": "POST"
    }
  }
}

Responses

Application updated successfully.

Body

application/json

Enumerates the various attributes of an external application response object

dataobject

application_idintegerint64

Unique identifier

namestring

Name of the application.

descriptionstring

Description of the application.

statusstring (Enum)

Current status of the application.

Default:"connected"

Allowed values:"connected""warning""disabled""error""in_progress""pending_authorization""authorization_failure""incomplete""pending"

created_atintegerint64

Timestamp when the application was created.

last_modified_bystring

Identifier of the user who created the app.

last_errorstring

Description summarizing that last known error for the given external application.

last_error_atintegerint64

Timestamp of the last error.

modified_atintegerint64

Timestamp of the last modification.

application_typestring (Enum)

The type of application instance.

Allowed values:"syslog""webhook""splunk""aws_sqs""aws_s3"

connection_configobject

Connection configuration based on application_type.

One of

urlstringrequiredurl

webhook URL.

http_methodstring (Enum)

Default:"POST"

Allowed values:"POST""PUT"

headersobject

Custom HTTP headers to include.

hec_endpointstringrequiredurl

Splunk HTTP Event Collector (HEC) endpoint.

auth_tokenstringrequired

HEC authentication token.

queue_urlstringrequiredurl

The SQS queue destination URL.

access_keystring

secret_keystring

role_arnstring

connection_typestring (Enum)

Default:"ROLE_ARN"

Allowed values:"ROLE_ARN""ACCESS_KEY"

s3_uristringrequiredurl

Amazon S3 bucket URI

regionstringrequired

AWS region where the S3 bucket resides

role_arnstringrequired

Role ARN associated with the IAM role for S3 access

roll_up_intervalinteger (Enum)int32

Roll-up interval for metrics or data aggregation (in minutes)

Default:60

Allowed values:153060180

portintegerrequired

protocolstring (Enum)required

Allowed values:"UDP""TCP""TLS"

facilitystringrequired

Choose one of the syslog standard values. The value maps to how your syslog server uses the facility field to manage messages. For details on the facility field, see RFC 5424.

addressstringrequired

IP address or fully qualified domain name (FQDN) of the syslog server.

security_infoobject

certificate_namestring

When using TLS for communication between Cortex and the syslog server, Cortex validates that the syslog receiver has a certificate. Specify the certificate name here.

ignore_cert_errorsboolean

Whether to ignore certificate errors. For security reasons, this is not recommended. If you set this to true, logs will be forwarded even if the certificate contains errors.

certificate_contentstringbinary

Binary string of the certificate.

RESPONSE
{
  "data": {
    "application_id": 2,
    "name": "Test External Application 03",
    "description": "test description for the given external application",
    "status": "connected",
    "created_at": 1753918287,
    "last_modified_by": "john.doe@example.com",
    "modified_at": 1753918288,
    "application_type": "webhook",
    "connection_config": {
      "url": "https://webhook.site/305650415-aad3-45ac-9d92-2455105edb96",
      "http_method": "POST"
    },
    "last_error": null,
    "last_error_at": null
  }
}

Body

application/json

dataobject

err_msgstring

Error message describing the issue

metadataobject

err_extrastring

Additional error details

err_codeinteger

HTTP error code

RESPONSE
{
  "data": {
    "err_msg": "The request contains invalid or missing parameters.",
    "metadata": {
      "err_extra": "Application type for a given external application cannot be modified",
      "err_code": 400
    }
  }
}

Body

application/json

replyobject

err_msgstring

err_extrastring

err_codeinteger

RESPONSE
{
  "reply": {
    "err_code": 401,
    "err_msg": "Public API request unauthorized",
    "err_extra": null
  }
}

Body

application/json

replyobject

err_msgstring

err_extrastring

err_codeinteger

RESPONSE
{
  "reply": {
    "err_code": 403,
    "err_msg": "Forbidden. Access was denied to this resource.",
    "err_extra": "Insufficient permissions for api key"
  }
}