SonicOS/X API Reference Guide

Technical Documentation> API Authentication> RFC-7616 HTTP Digest Access Authentication

About SonicOS API
API Authentication
API: Config - Pending
API: Restart
API: Address Objects – IPv4
- Endpoint
- Schema Structure
API: Address Objects – IPv6
- Endpoint
- Schema Structure
API: Address Objects – MAC
- Endpoint
- Schema Structure
API: Address Objects – FQDN
- Endpoint
- Schema Structure
API: Address Groups — IPv4
- Endpoint
- Schema Structure
API: Address Groups — IPv6
- Endpoint
- Schema Structure
API: Schedule Objects
- Endpoint
- Schema Structure
API: Service Objects
- Endpoint
- Schema Structure
API: Service Groups
- Endpoint
- Schema Structure
API: Zones
- Endpoint
- Schema Structure
API: DNS
- Endpoint
- Schema Structure
  - Object: DNS
  - Schema Attributes
    dns:
    dns.server:
    dns.server.inherit:
    dns.server.static:
    dns.server.static.primary:
    dns.server.static.secondary:
    dns.server.static.tertiary:
    dns.server.ipv6:
    dns.server.ipv6.preferred:
    dns.server.ipv6.inherit:
    dns.server.ipv6.static:
    dns.server.ipv6.static.primary:
    dns.server.ipv6.static.secondary:
    dns.server.ipv6.static.tertiary:
    dns.rebinding:
    dns.rebinding.action:
    dns.rebinding.allowed_domains:
    dns.rebinding.allowed_domains.name:
    dns.rebinding.allowed_domains.group:
    dns.fqdn_binding:
API: Interfaces – IPv4
- Endpoint
- Schema Structure
API: NAT Policies – IPv4
- Endpoint
- Schema Structure
API: NAT Policies – IPv6
- Endpoint
- Schema Structure
  - Object: NAT Policies – IPv6
  - Schema Attributes
    nat_policy:
    nat_policies:
    nat_policy.ipv6:
    nat_policy.ipv6.inbound:
    nat_policy.ipv6.outbound:
    nat_policy.ipv6.source:
    nat_policy.ipv6.source.any:
    nat_policy.ipv6.source.name:
    nat_policy.ipv6.source.group:
    nat_policy.ipv6.translated_source:
    nat_policy.ipv6.translated_source.original:
    nat_policy.ipv6.translated_source.name:
    nat_policy.ipv6.translated_source.group:
    nat_policy.ipv6.destination:
    nat_policy.ipv6.destination.any:
    nat_policy.ipv6.destination.name:
    nat_policy.ipv6.destination.group:
    nat_policy.ipv6.translated_destination:
    nat_policy.ipv6.translated_destination.original:
    nat_policy.ipv6.translated_destination.name:
    nat_policy.ipv6.translated_destination.group:
    nat_policy.ipv6.service.any:
    nat_policy.ipv6.service.name:
    nat_policy.ipv6.service.group:
    nat_policy.ipv6.translated_service:
    nat_policy.ipv6.translated_service.original:
    nat_policy.ipv6.translated_service.name:
    nat_policy.ipv6.translated_service.group:
    nat_policy.ipv6.uuid:
    nat_policy.ipv6.name:
    nat_policy.ipv6.enable:
    nat_policy.ipv6.comment:
    nat_policy.ipv6.priority:
    nat_policy.ipv6.priority.auto:
    nat_policy.ipv6.priority.manual:
    nat_policy.ipv6.reflexive:
    nat_policy.ipv6.virtual_group:
    nat_policy.ipv6.virtual_group.any:
    nat_policy.ipv6.virtual_group.id:
API: NAT Policies – NAT64
- Endpoint
- Schema Structure
API: Access Rules – IPv4
- Endpoint
- Schema Structure
API: Access Rules – IPv6
- Endpoint
- Schema Structure
API: Route Policies – IPv4
- Endpoint
- Schema Structure
API: Route Policies – IPv6
- Endpoint
- Schema Structure
SonicWall Support
- About This Document

RFC-7616 HTTP Digest Access Authentication

SonicOS API supports the RFC-7616 HTTP Digest Access Authentication scheme as its most secure. It includes:

Secure authentication using SHA-256, extensible for other algorithms in the future.
Replay prevention utilizing a counter that is incremented in each request and can be reset to any value at any time in replies from the firewall.
An option for a “rolling nonce,” where an HTTP reply can optionally pass back a new nonce (random number) to be used for the next request.
Optional “integrity protection” where requests with entity body content can include that in the digest calculation.
An optional “session” variant that uses a SHA hash of the password instead of the password itself so that the SonicWall/client do not need to store the actual password.

For SonicOS API HTTP Digest Access Authentication, use the Linux command-line curl command with the -u option:

< Prev Section

Next Section >

SonicOS/X API Reference Guide

Table of Contents

RFC-7616 HTTP Digest Access Authentication