Torq

The <a href="https://www.paloaltonetworks.com/cortex/cortex-xdr" target="_blank" rel="nofollow noopener noreferrer">Cortex XDR</a> integration enables you to scan endpoints, upload IOCs, manage incidents, and validate API keys as part of Torq workflows.

When you create an XDR API key, you'll need to copy and save several items that you'll need later to configure an XDR integration in Torq.

In your XDR portal, go to Settings &gt; Configurations.

Screenshot of accessing the settings configuration section in Cortex XDR.

Expand the configuration panel, go to Integrations &gt; API Keys, and click the + New Key button.

Screenshot of navigating to the page to create a new API key in Cortex XDR.

Configure the API key and click Save. Make sure you copy the API key and save it.

1. Security Level: Standard
2. Role: All Torq steps can be used with the Investigation Admin role.
3. Comment: a short description of what this key will be used for.
   Screenshot of generating a new API key in Cortex XDR.
    

In the table, locate the API key you created and make note of the ID.

In the top-right corner, click Copy URL.

1. In your XDR portal, go to Settings &gt; Configurations.
 Screenshot of accessing the settings configuration section in Cortex XDR.
2. Expand the configuration panel, go to Integrations &gt; API Keys, and click the + New Key button.
 Screenshot of navigating to the page to create a new API key in Cortex XDR.
3. Configure the API key and click Save. Make sure you copy the API key and save it.
 1. Security Level: Standard
 2. Role: All Torq steps can be used with the Investigation Admin role.
 3. Comment: a short description of what this key will be used for.
 Screenshot of generating a new API key in Cortex XDR.
 
4. In the table, locate the API key you created and make note of the ID.
5. In the top-right corner, click Copy URL.

Go to Build &gt; Integrations &gt; Steps &gt; Cortex XDR and click Add.

Fill in the fields with the values you copied earlier.

1. Integration name
2. Cortex XDR API Key
3. Cortex XDR API ID
4. Cortex XDR Base URL (https://api-fqdn) for example: <a href="https://api-.xdr.us.paloaltonetworks.com" target="_blank" rel="nofollow noopener noreferrer">https://api-.xdr.us.paloaltonetworks.com</a>

1. Go to Build &gt; Integrations &gt; Steps &gt; Cortex XDR and click Add.
2. Fill in the fields with the values you copied earlier.
 1. Integration name
 2. Cortex XDR API Key
 3. Cortex XDR API ID
 4. Cortex XDR Base URL (https://api-fqdn) for example: <a href="https://api-.xdr.us.paloaltonetworks.com" target="_blank" rel="nofollow noopener noreferrer">https://api-.xdr.us.paloaltonetworks.com</a>

Screenshot of creating a Cortex XDR integration in Torq.

Learn to integrate Cortex XDR with Torq: IOCs, incident management, and API key validation for seamless workflow automation.

Create an XDR API key

Create a Cortex XDR Integration in Torq