Client Authentication

SonicOS API currently offers the following mechanisms for initial client authentication:

• HTTP Basic Authentication (RFC 2617)

• HTTP Digest Access Authentication (RFC-7616)

• Public Key Authentication

• Challenge-Handshake Authentication (CHAP)

• Time-Based One-Time Password (TOTP)/Bearer Token Authentication

Regardless of the authentication mechanism used, only:

• A single administrator can manage (modify configuration) at any given time. This remains true regardless of where an admin logged in (web management UI, CLI, GMS, or SonicOS API).

• Users with full admin privileges are allowed to access SonicOS API.

• A single SonicOS API session is currently allowed.

For more information refer to API Authentication.