# Creating and Managing API Keys in Palo Alto Networks Cortex Cloud Security The Palo Alto Networks Cortex Cloud Security connector is currently in development and may expand with additional capabilities over time. This guide walks you through generating Palo Alto Networks Cortex Cloud Security API credentials and gathering the values required to create a Synqly integration. ## Prerequisites Before you begin, ensure that you have: - Access to your Palo Alto Networks Cortex Cloud Security tenant - Permission to create API keys for integrations - A Cloud Posture Management license - At least one onboarded cloud account in the tenant you want Synqly to query ## Generate a Cortex Cloud API Key 1. Sign in to your Palo Alto Networks Cortex Cloud Security tenant. 2. Open **Settings**. 3. Select **Integrations**. 4. Click **API Keys**. 5. Click **New Key**. 6. Select the key type shown in your tenant. 7. Assign a role that can read the cloud security data Synqly will query. If available in your tenant, use **Data Security Viewer**. 8. Click **Generate**. 9. Copy and securely store the generated **API Key**. Treat this as a secret. ## Gather the Remaining Configuration Values ### API Key ID After creating the key, locate the new key entry in the **API Keys** page and copy the **ID** value. This is the **API Key ID** required by Synqly. ### Base URL In the **API Keys** page, click **Copy API URL** and save that value as your **Base URL**. It should look similar to `https://api-{tenant}.xdr.{region}.paloaltonetworks.com`. ## Configure the Integration Create your integration by supplying the following values. | Integration Parameter | Description | | --- | --- | | Base URL | The API URL copied from **Copy API URL** in your Cortex Cloud tenant. | | API Key ID | The **ID** value for the API key you created. | | API Key | The secret key value generated when the API key was created. | If your tenant offers multiple key types or roles, use the option that grants read access to the cloud security data Synqly needs, and store the generated API key immediately in a secure location.