Connect‐OPNsense - fvanroie/PS_OPNsense GitHub Wiki
Connect to an OPNsense server using the REST api
Connect-OPNsense [-Url] <String> [-Credential] <PSCredential> `
[[-WebCredential] <PSCredential>] `
[[-SkipCertificateCheck] <SwitchParameter>]Connect-OPNsense [-Url] <String> [-Key] <String> [-Secret] <SecureString> `
[[-WebCredential] <PSCredential>] `
[[-SkipCertificateCheck] <SwitchParameter>]The Connect-OPNsense cmdlet will try to connect to an OPNsense server REST api. You need to specify the Key and Secret obtained when enabling the REST api.
Optionally specify a username and password for the WebUI in order to use the Backup-OPNsenseConfig, Restore-OPNsenseConfig and Reset-OPNsenseConfig cmdlets. These actions do not have a REST api equivalent yet and need the webcredentials to perform these commands on the server.
If the server is using a self-signed certificate and your computer fails to validate it, you can temporarily disable the Certificate Validation using the -SkipCertificateCheck switch.
-Url <String>
Full URI of the OPNsense REST api including the protocol and hostname. Optionally specify the port of the webservice.
| Required? | true |
| Position? | 1 |
| Default Value? | |
| Pipeline Input? | false |
-Key <String>
The REST api key generated by OPNsense.
| Required? | true |
| Position? | 2 |
| Default Value? | |
| Pipeline Input? | false |
-Credential <PSCredential>
Credentials for the REST api, this is the key and secret pair received when enabling the api for an OPNsense user. If you only specify a string, it will be interpreted as the key and you will be prompted to enter the secret.
| Required? | true |
| Position? | 2 |
| Default Value? | |
| Pipeline Input? | false |
-WebCredential <PSCredential>
Optional credentials for the web interface. These credentials are only used for legacy commands that do not have a REST api equivalent yet. If you only specify a string, it will be interpreted as the username and you will be prompted to enter the password.
| Required? | false |
| Position? | 3 |
| Default Value? | |
| Pipeline Input? | false |
-SkipCertificateCheck <SwitchParameter>
Bypass the server certificate validation, use this for accepting self-signed server certificates.
| Required? | false |
| Position? | 4 |
| Default Value? | |
| Pipeline Input? | false |
-Secret <SecureString>
| Required? | true |
| Position? | 3 |
| Default Value? | |
| Pipeline Input? | false |
$webCred = Get-Credential -Username 'root' -Message 'Enter the password for the WebUI:'
$secureSecret = ConvertTo-SecureString -String "api_secret" -AsPlainText -Force
$apiCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList ("api_key", $secureSecret)
Connect-OPNsense -Url 'https://opnsense.localdomain:8080' -Credential $apiCred -WebCredential $webCred$apiKey = 'SQCY....fKgq1'
Connect-OPNsense -Url 'https://opnsense.localdomain' -Credential "$apiKey" -WebCredential "root"Connect-OPNsense -Url 'https://opnsense.localdomain:8080' -Credential $apiCred -WebCredential $webCred -Verbose -Debug