welcome-to-palo-alto-networks[bot]
commented
2 years ago :tada: Thanks for opening your first issue here! Welcome to the community!
Open tyler-horschig opened 2 years ago
welcome-to-palo-alto-networks[bot]
commented
2 years ago :tada: Thanks for opening your first issue here! Welcome to the community!
sserrata
commented
2 years ago Hi @dedsec594, judging by the error message, it appears your grant may have expired. If so, you'll need to reauthorize the instance (delete the existing instance under Authorizations and start the authorization flow from the Cortex hub).
After reauthorizing you may need to generate a new developer token.
tyler-horschig
commented
2 years ago @sserrata We originally set the token to never expire. Is there a way to set the instance to never expire? We just followed this guide when we set it up: https://cortex.pan.dev/docs/data_lake/learn/apiexplorer_authorization and then this guide: https://cortex.pan.dev/docs/data_lake/learn/developer_tokens to get the developer token.
sserrata
commented
2 years ago The OAuth 2.0 grant expiration is handled separately from developer token expiration. That said, you may want to open a TAC issue to inquire about setting the grant to never expire.
Description
The developer token authorization no longer works. You get a 400 Bad Request.
{ "msg": "Refresh operation failed: Token refresh failed: {\"error_description\":\"unknown, invalid, or expired refresh token\",\"error\":\"invalid_grant\"}" }
What I Did
curl -H "Authorization: Bearer $PAN_DEVELOPER_TOKEN" -X POST https://app.apiexplorer.rocks/request_token