Authenticating subsequent API calls SonicAPI 7
I'll preface this with I'm using Powershell to integrate the Sonicwall deployments into our tenant onboarding which is already done with Powershell in the same manner. I am hoping I can get some insight into persisting an auth token or similar for subsequent API calls in script/application.
Currently I can authenticate with basic and TOTP methods for the initial logon to the API but I get a 401 or unexpected error on subsequent calls to the API. I've tried passing the Bearer token with the headers and using --digest to no avail. Did I just miss the persistence method in the API documentation?
code so far:
$UN = userhere
$PW = PWhere
$TFA = TOTP/Two Factor Code
################################
# Generate session based Token #
################################
# build data
$data = [PSCustomObject]@{
"user"= $UN
"password"= $PW
"tfa"= $TFA
"override"= "True"
}
$header2 = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$header2.Add("Accept", 'application/json')
$header2.Add("Content-Type", 'application/json')
# Take data from above and convert to json for ingestation
$body = convertto-json -InputObject $data
#$header1 = convertto-json -InputObject $header
# Structure API request with Login Credentials from Above and use this to generate Token
$uri = "https://IPandPortHere/api/sonicos/tfa"
$token = Invoke-RestMethod -Uri $uri -Method Post -Body $body -Header $header2
$tokenauth = $token.status.info.bearer_token
The variable $token returns a 200 OK and $token.status.info.bearer_token returns the token that you'd normally need for authenticating the swagger api calls/etc. from https://sonicos-api.sonicwall.com/index.html?sonicwallIp=IPHERE&sonicwallPort=4448&model=TZ&version=7.0.1#
How are sessions persisted if I for example wanted to perform a GET request for the zones (below is what I tried that seemed to get closest)
$header_tokenized = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$header_tokenized.Add("Accept", 'application/json')
$header_tokenized.Add("Content-Type", 'application/json')
$header_tokenized.Add("Authorization", "Bearer $tokenauth")
Invoke-RestMethod -Uri "https://IPandPortHere/api/sonicos/zones" -Method GET -Header $header_tokenized
I am pretty new to building API integrations and am probably way in over my head but figured why not. Thanks in advance!
Answers
Hello,
I'm not very familiar with PowerShell, but if I'm following your code correctly, you seem to be on the right track. In Python, we would create a persistent session and all subsequent requests would use the session instance. I ran a few web searches and came across a post that seems like it might help you. If my understanding is correct, your current code doesn't establish a persistent session, which may be why it is failing.
https://adamtheautomator.com/invoke-restmethod/#Maintaining_Session_Information