Palo Alto Networks API Security

Third Party
Related Documentation
Compatible Protocols
http https
Minimum Version
Kong Gateway - 3.4
Third Party: This plugin is developed, tested, and maintained by Palo Alto Networks.

Reinforce your API security by integrating your Kong Gateway with Cortex API Security. You can achieve this by using a dedicated HTTP Log plugin (panw-apisec-http-log) designed for Kong. This plugin simplifies ingestion of API traffic data from your Kong Gateway directly into Cortex API Security.

Using this integration, you can apply comprehensive security measures, including:

  • OWASP Top 10 threat detection
  • Bot protection
  • Access control enforcement
  • And more

How the Palo Alto Networks API Security plugin works

When the Palo Alto Networks API Security plugin is enabled on a Kong Gateway Service or Route, it intercepts and processes API requests and their corresponding responses.

For each transaction, the plugin collects relevant data, such as:

  • Request and response bodies
  • HTTP headers
  • Query parameters
  • Status codes

This collected data is then sent to a designated Palo Alto Networks API Security collector endpoint.

Requests and responses are forwarded as-is without any modifications.

This plugin supports global, service, and route scopes—including combinations of services and routes. Consumer-level configuration is not supported.

Install the Palo Alto Networks API Security plugin

You can install the Palo Alto Networks API Security plugin by downloading and mounting its file on Kong Gateway’s system.

Prerequisites

Create a Kong collector on Cortex. Use the download link provided below the collector’s API key to download plugin gzip file. The file includes the handler.lua, utils.lua, and schema.lua files that make up the custom plugin.

Install

If you are using the Kong Ingress Controller, the installation differs from a standard setup. Review the custom plugin docs for the Kong Ingress Controller.

Something wrong?

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!