Introduction To SonicOS API
Introduction To SonicOS API
com/support/knowledge-base/introduction-to-sonicos-api/200818060121313/
SonicOS API is enabled by default in SonicOS 7.0 and SonicOSX. The required authentication method can
be selected from the interface.From the GUI,
2. Click on the toggle switch for CHAP authentication or RFC-2617 HTTP Basic Access authentication.
Other advanced authentication mechanisms can also be enabled on the same page.3.
NOTE: The client would need to be set appropriately to authenticate based on this setting.
4.
5. Click on Accept6. .
SonicOS API utilizes four of the methods defined in the HTTP protocol (RFC 7231 and RFC 5789) to
create, read, update, and delete (CRUD) resources.
Supported HTTP request methods:
Type Example
Text/plain GET /api/sonicos/address-objects/macAccept: text/plain
Application/JS POST /api/sonicos/address-objects/macContent-type:
ON application/jsonAccept: application/json{"address_object": {"mac":
{"name": "001122334455","address": "001122334455","multi_homed":
true,"zone": "LAN"}}}
1. Content type: Specifies the format (MIME type) of the request body (input).
Text/plain
Application/JSON
þÿContent type Specifies the format (MIME type) of the request body (input)
All plain text output from the last backend CLI command executed is captured and returned back to the
client. If the command executed was not a show command and the requested operation succeeded, then the
response body is empty. This is consistent with the CLI when executing a command via SSH or the serial
console in that status is only rendered to the console upon error.A JSON status object is guaranteed to be
returned in the response body when performing a POST, PUT, or DELETE operation or upon error(s)
encountered when processing a request.
Schema Structure:
Schema Attributes:
Client Authentication:
A single administrator can manage (modify configuration) at any given time. This remains true regardless of
where an admin logged in (web management UI, CLI, GMS, or SonicOS API).
Users with full admin privileges are allowed to access SonicOS API.
From the GUI, navigate to Home | API and click on the link https://SonicOS-api.sonicwall.com. Swagger
will prepopulate it to give you a list of applicable APIs.
1. Postman
2. Insomnia
3. Git Bash
4. Swagger
SonicOS API is disabled by default in SonicOS. Any attempts to access SonicOS API while it is disabled
results in an HTTP 403 Forbidden error. To use the SonicOS API, you must enable it, either through the
SonicOS Management Interface or from the CLI.
1. Navigate to MANAGE | Appliance | Base Settings2. and scroll down to SonicOS API 3. section.
4. Enable the option 'Enable SonicOS API' and 'Enable RFC-2617 HTTP Basic Access authentication'
option. Other advanced authentication mechanisms can also be enabled on the same page.5.
NOTE: The client would need to be set appropriately to authenticate based on this setting.
6.
7. Click on Accept8. .
config()# administration
(config-administration)# sonicos-api
(config-sonicos-api)# basic
(config-sonicos-api)# commit
Supported Request Methods:
SonicOS API utilizes four of the methods defined in the HTTP protocol (RFC 7231 and RFC 5789) to
create, read, update, and delete (CRUD) resources.
Type Example
Type Example
Text/plain GET /api/sonicos/address-objects/macAccept: text/plain
Application/JS POST /api/sonicos/address-objects/macContent-type:
ON application/jsonAccept: application/json{"address_object": {"mac":
{"name": "001122334455","address": "001122334455","multi_homed":
true,"zone": "LAN"}}}
1. Content type: Specifies the format (MIME type) of the request body (input).
Text/plain
Application/JSON
þÿContent type Specifies the format (MIME type) of the request body (input)
All plain text output from the last backend CLI command executed is captured and returned back to the
client. If the command executed was not a show command and the requested operation succeeded, then the
response body is empty. This is consistent with the CLI when executing a command via SSH or the serial
console in that status is only rendered to the console upon error.A JSON status object is guaranteed to be
returned in the response body when performing a POST, PUT, or DELETE operation or upon error(s)
encountered when processing a request.
401 Not Authorized The user is unauthenticated or lacks the required privileges for
the operation requested.
403 Forbidden The request was understood by the server but denied. The
response body notes the reason why the request was denied.
404 Not Found The resource specified was not found.
405 Method Not The HTTP verb specified is not allowed or supported by the
Allowed resource specified.
406 Not The MIME type specified in the HTTP Content-type and/or
Acceptable Accept header is not supported.
413 Request body The maximum size of the request body was exceeded.
too large
414 Request URL The requested URL exceeded the maximum size allowed or
too long contains extra/unknown parameters (directories).
500 Internal Server The request failed due to an internal server error. The response
Error body should note the reason why the request failed.
503 No resources The maximum number of sessions was exceeded.
Schema Structure:
Schema Attributes:
Client Authentication:
A single administrator can manage (modify configuration) at any given time. This remains true regardless of
where an admin logged in (web management UI, CLI, GMS, or SonicOS API).
Users with full admin privileges are allowed to access SonicOS API.
1. Postman
2. Insomnia
3. Git Bash
4. Swagger
For Linux platforms, Curl can be used which is available by default.
See also:
How To Migrate FQDN Address Objects From A Gen 6 To Gen 7 Device Using SonicOS API?