# Email Appproval Requests
The setup consists of two pieces:
1. Perl script, requests.pl
Pulls the requests via the Prisma Browser API generates and sends an email to the admin.
2. PHP, www/*
Handles the approve or decline of the request and translates this to the Prisma Browser API.
Both parts need are using a directory called: storage
Needs to be writeable for the webserver as well as requests.pl
Typically owned by www:www
There are a couple of modules the Perl script needs:
- Cwd (should be included)
- File::Basename (should be included)
- Getopt::Long (should be included)
- HTTP::Tiny, needs to be installed
- JSON::PP, needs to be installed
- Data::Dumper, needs to be installed
The PHP script uses GuzzleHttp to make the outbound API calls, this is included in the pkg.
In Palo Alto Networks SCM a service account needs to be created with read-write access.
requests.conf holds all the relevant data to process the requests.
- Company name
- Key, to identify the request, generated by gen.pl
- TSGID, can be find in the SCM tenant
- Frequency, options are: single (receive an email for every request) or digest (bundle requests in a single email)
- Email address of the recipient
- BCC, other email addresses for the requests to be send to
- Client ID
- Client Secret
NOTE: $EMAIL_DOMAIN and $WWW_DOMAIN need to be set in requests.pl
