Enabling SonicOS API and Configuring Authentication Methods

You can use SonicOS API as an alternative to the SonicOS Command Line Interface (CLI) for configuring selected functions. To do so, you must first enable SonicOS API.

To enable SonicOS API and configure client authentication

1. Navigate to Device | Settings > Administration.
2. ClickSonicOS API tab.
3. Enable SonicOS API.
4. Select any of the authentication methods for initial client authentication:
   • RFC-7616 HTTP Digest Access authentication
     • Select the appropriate digest algorithms: SHA256 (default), MD5
     • Integrity protection: Disabled (default), Allowed, or Enforced.
     • Session variant (password hashes in place of passwords):Disabled (default), Allowed , or Enforced
       
   • CHAP authentication.
   • RFC-2617 HTTP Basic Access authentication
   • Public Key Authentication
     • RSA modulus (key/cipher size in bits): 2014 is the default.
     • RSA padding type: PKCS#1 v1.5 or PKCS#1 v2.0 OAEP
       • OAEP hash method: SHA-1, SHA-256, or Other
       • OAEP mask (MGF1) method: SHA1, SHA-256, or Other
     • Session security using RFC-7616 Digest Access Authentication
       • Can hold user passwords received from the client.
     • Maximum nonce use: 10 by default
     • Two-Factor and Bearer Token Authentication
5. Click Accept.