As we recently rolled out a bunch of PA firewalls, I have created a powershell script to backup the running configuration using the XML API.

You can grab the script from my github here:

The instructions are as follows:
1. Create the folder c:\panbackup\ on your Windows Server.

2. Create a local administrator on the firewall as a member of super users (read only). This will allow rights to export the full configuration with phash keys. Which means you can restore the config on a new appliance easily. The below PA documentation details how to create a local firewall administrator: Create Firewall Administrator

3. Generate your API key as follows: https:///api/?type=keygen&user=&password= You can also generate api key via cURL as per the PA documentation below:
Generate your API key

4. Test your powershell script! You may need to set the correct saving path, file names etc. Add a scheduled task and viola! Peace of mind.