SonicOS API Getting Status Code: 401
I am trying to get the connection working for the SonicOS API and am currently getting a Status Code 401: Unauthorized. The user I am trying to login with has Full Admin Rights and for the SonicOS API Authentication I only have Enable RFC-2617 HTTP Basic authentication checked. Is there something I am missing for permissions?
Best Answers
-
PandaPunk Newbie ✭
Figured out my solution. Somehow the HTTP management on the LAN. Enabled that and was able to get a Success response.
2 -
Jaime SonicWall Employee
Got it. Please check if HTTPS User Login is enabled on the firewall’s interface.
You need to start with calls to the /auth endpoint and successfully auth before sending calls to others.
Your post suggested you were using a local user. Is that the case, or are you using the default admin user?
1
Answers
Can you show us some of the details of the request? Please obfuscate the auth data.
What endpoint are you calling that returns 401?
If already authenticated successfully, did you send a POST to /start-management after authenticating with the user?
Hope that helps.
Jaime,
I haven't called an endpoint yet. This is just doing a basic auth test to see if it will connect so there hasn't been any successful authentications previously. I have not sent a post to /start-management after authenticating. Would I even be able to reach that endpoint if I am getting unauthorized?
class SonicAPI:
def __init__(self, gateway, username, password) -> None:
self.baseurl = f"https://{gateway}/api/sonicos/"
self.authinfo = (username, password)
self.headers = OrderedDict([('Accept', 'application/json'),
('Content-Type', 'application/json'),
('Accept-Encoding', 'application/json'),
('charset', 'UTF-8')
])
self.kwargs = {
'auth': self.authinfo,
'headers': self.headers,
'verify': False
}
def auth(self, login=True, logout=False):
controller = 'auth'
url = self.baseurl + controller
if login == True:
r = requests.post(url, **self.kwargs)
if r.status_code != 200:
return r.status_code
else:
response = r.json()
return response
elif logout == True:
r = requests.delete(url, **self.kwargs)
if r.status_code != 200:
return r.status_code
else:
response = r.json()
return response
return {}
print(gateway_ip)
s = SonicAPI(gateway_ip, username, password)
print(json.dumps(s.auth(login=True), indent=4))
Yeah I found that to be the answer. Thanks!
I am using the default admin.