Sophos Switch REST API
You can manage your Sophos switches using REST API.
Warning
You mustn't use the REST API to configure or administer your switch if you've not been trained in their use. Sophos accepts no responsibility or damage to your switch through the inappropriate use of API commands.
Obtaining the bearer token
To access the API of your switch, you'll need the API bearer token. The switch generates a new bearer token for each session. So, you must obtain a new bearer token when the current session is closed.
To obtain the token from your switch, do as follows:
- Open an SSH connection to your switch.
- Use the
PATCH/system/login
API to obtain the bearer token. For more details, see PATCH/system/login.
You can see an example request and response below.
Example
Request:
curl 'https://<Switch IP Address>/api/login' \
--data-raw {"user": "username","password": "yourpassword"}\
Response:
{
"token": "xxxx.yyyy.zzzz",
"errCode": 0,
"message": "OK"
}
Using the API
Once you obtain the bearer token, you can use it to interact with further API commands. To do this, you must pass the token as an authorization header as part of a curl command. For example, the following request looks for the GET/ports API.
Example
curl 'https://<Switch IP Address>/api/ports' \
-H 'authorization: Bearer xxxxxxxx.yyyyyyyy.zzzzzz'
For a list of the API commands, see the Sophos Switch API help.