Sophos Switch REST API
You can manage your Sophos switches using REST API.
Warning
You mustn't use the REST API to configure or administer your switch if you've not been trained in their use. Sophos accepts no responsibility or damage to your switch through the inappropriate use of API commands.
Obtaining the bearer token
To access the API of your switch, you'll need the API bearer token. The switch generates a new bearer token for each session. So, you must obtain a new bearer token when the current session is closed.
To obtain the token from your switch, use the /system/login
API to obtain the bearer token. For more details, see PATCH/system/login.
Tip
There are many tools you can use to interact with the API, such as cURL, Postman, or other similar applications.
You can see an example request and response below.
Example
Request:
curl -k https://<Switch-IP address>/api/system/login -X PATCH -H 'Content-Type:application/json' -d '{"user":"admin","password":"your-password"}'
Response:
{
"restful_res":
{
"token":"xxxxxxxx.yyyyyyyy.zzzzzz",
"utctimestamp":##########,
"timeout":900,
"errCode":0,
"message":"OK"
}
}
Using the API
Once you obtain the bearer token, you can use it to interact with further API commands. To do this, you must pass the token as an authorization header as part of a curl command. For example, the following request looks for the GET/ports API using the bearer token obtained in the previous example.
Example
curl -k https://<Switch IP Address>/api/ports -H 'authorization:Bearer xxxxxxxx.yyyyyyyy.zzzzzz'
For a list of the API commands, see the Sophos Switch API help.