SonicWall Employee

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Jaime SonicWall Employee

Badges (13)

4 Year Anniversary3 Year Anniversary2 Year Anniversary5 Helpfuls5 Answers10 Comments1 Year AnniversaryName Dropper5 LikesFirst AnswerFirst CommentEarly AdopterPhotogenic


  • Try using "-SkipHttpErrorCheck" in your Invoke-Restmethod call. It indeed seems to be a behavior of that cmdlet in PS. "-SkipHttpErrorCheck" ignores the "error statuses" non-200 response codes. Not sure exactly which codes it ignores. Maybe 4xx/5xx. I found these that might be helpful.…
  • If I'm understanding what you've described, I would think the failure from PowerShell would not have been an API response or maybe the value of $Result needs to be converted to plaintext or JSON. I could be wrong. I'm also not very familiar with requests from PS. You should get back a readable error in JSON as you've noted…
  • There should still be a message/response of some sort from the API even in the case of a failed request. Perhaps try checking the response information for a 'success' key with a true or false value in the response body and using that as the confirmation of a successful call.
  • Hi, Please take a look at the Python example script "sonicosapi-public-key-auth.py". There's an example you can reference for uploading firmware via the API. https://github.com/jaimeesc/sonicos-api-examples Hope that helps!
  • Hi, Please take a look at a couple of example scripts in Bash and Python here: https://github.com/jaimeesc/sonicos-api-examples Make sure you enable "PKCS#1 v2.0 OAEP" padding type and SHA256 hash/mask. Hope that helps!
  • I uploaded a couple of example scripts (Bash and Python) here:
  • Hello, I may have a solution for you. Try this: 'Authorization: SNWL-PK-AUTH user="'$USER'", data="'$CIPHER'"' instead. Line from your post: curl -k -i -s -H "Authorization: SNWL-PK-AUTH user="'$USER'", data='$CIPHER'" -X POST https://$ADDR/api/sonicos/auth I modified the line to this: curl -k -i -s -H 'Authorization:…
  • I'm happy that helped. I'm doing what I can to have it addressed so that Gen6 links properly go to Gen6 documentation. Unfortunately, getting it addressed has taken some time. Check out this link: https://sonicos-api.sonicwall.com/sonicos_files/ Take care. Jaime
  • Unfortunately, since the Gen6 API is technically not complete, the CLI is sometimes the only way to accomplish the task. The /direct/cli endpoint provides an entry for CLI commands over the API. I understand it isn't ideal, but it is a potential workaround that could help you accomplish the task in the short term. I've…
  • Just got a confirmation the fix is not in
  • Hi @CTaylor, The URL to the Swagger documentation is created by a combination of the firmware version and firewall model. The reason the SonicOS 7 documentation loads is because it is the default, and the version number requested was not found. The latest API documentation was generated for For the Gen6…
  • I didn't know the answer to this, but felt the NSM section of the Community would be a better place to ask. Then I discovered it was asked and answered already :). For those looking for this answer: https://community.sonicwall.com/technology-and-support/discussion/5375/can-we-roll-back-after-commit#latest
  • Hi @CTaylor, can you confirm the JSON you received from the GET? I just want to make sure the JSON is complete. I'm not seeing any evidence that the fix made it into a release. I'm trying to get confirmation. Going with the assumption that the GET is incomplete, if you PUT back a modified version of what you GET, it would…
  • Got it. Please check if HTTPS User Login is enabled on the firewall’s interface. You need to start with calls to the /auth endpoint and successfully auth before sending calls to others. Your post suggested you were using a local user. Is that the case, or are you using the default admin user?
  • Hello, Can you show us some of the details of the request? Please obfuscate the auth data. What endpoint are you calling that returns 401? If already authenticated successfully, did you send a POST to /start-management after authenticating with the user? Hope that helps.