web
You’re offline. This is a read only version of the page.
close
Support Portal

Application /Product Knowledge

LiDAR: Headless configuration deployment

Article No: KA-10729
Version: 1.2
Subject to change without notice
Download a device configuration as a parameter backup file and restore it to the same or a replacement device using the REST API.
Related Products
picoScan100

Table of Contents

Firmware Always use the latest available firmware. Check the SICK product page for latest release.
OpenAPI Endpoint reference and schema details are shipped in the OpenAPI specification.
Overview

1 - Overview

The REST API is a JSON-based interface served over plain HTTP on port 80 of the sensor. It provides a uniform way to read and write device parameters and trigger actions.

The configuration file feature lets you:

  • Archive a complete device configuration as a single file.
  • Clone a configuration to multiple sensors of the same type.
  • Roll back to a known-good state after an unintended change.
  • Exchange configurations between devices.

The device requires a valid session token in the X-Session-Token HTTP header when downloading or uploading a configuration file. The token is obtained via POST /api/CreateSessionToken and is bound to the user level that was authenticated when the token was created.

Authentication

2 - Session Token Authentication

The device uses HTTP Basic Authentication to establish the user level for every request. Current firmware additionally requires a short-lived session token for the GET /api/parameterbackup and PUT /api/parameterbackup endpoints. This prevents cross-site request forgery on the raw file endpoints.

2.1  Obtaining a session token

Send a POST /api/CreateSessionToken request with valid Basic Auth credentials. The device returns a short-lived opaque token string. All subsequent requests to the /api/parameterbackup endpoints must include this token in the X-Session-Token header.

Request - create session token:

POST http://<device-ip>/api/CreateSessionToken
Authorization: Basic <base64(username:password)>
Content-Type: application/json

{}

Response (HTTP 200):

{
  "header": { "status": 0, "message": "Ok" },
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsIn..."
  }
}
Token lifetime The session token is short-lived. If your workflow takes longer than the token lifetime, request a new token before the upload or restore step. Treat it as valid for the duration of a single scripted workflow only.

2.2  Using the token

Include the token as a custom HTTP header on every request to /api/parameterbackup: 

X-Session-Token: eyJhbGciOiJIUzI1NiIsIn...
Endpoints

3 - API Endpoints

3.1  REST API actions (POST)

Action URL Auth required Description
CreateSessionToken POST /api/CreateSessionToken Basic Auth Returns a short-lived session token
CreateParameterBackup POST /api/CreateParameterBackup Basic Auth Triggers creation of a configuration file on the device (asynchronous)
RestoreParameterBackup POST /api/RestoreParameterBackup Basic Auth Applies a previously uploaded configuration file (asynchronous)

3.2  File transfer endpoints (GET / PUT)

Method URL Auth required Description
GET /api/parameterbackup Basic Auth + X-Session-Token Downloads the configuration file from the device
PUT /api/parameterbackup Basic Auth + X-Session-Token Uploads a configuration file to the device

3.3  CreateParameterBackup request payload

POST http://<device-ip>/api/CreateParameterBackup
Authorization: Basic <base64(username:password)>
Content-Type: application/json

{
  "data": {
    "Passphrase": "your-passphrase"
  }
}

The Passphrase protects the configuration file. The same passphrase must be supplied when importing. It is not the device login password; it is an independent value you choose for the configuration file.

3.4  RestoreParameterBackup request payload

POST http://<device-ip>/api/RestoreParameterBackup
Authorization: Basic <base64(username:password)>
Content-Type: application/json

{
  "data": {
    "Passphrase": "your-passphrase"
  }
}
Walkthrough

4 - Download Configuration File: step by step

Asynchronous operations Both CreateParameterBackup and RestoreParameterBackup are fire-and-return: the HTTP response confirms the action was accepted, but the actual work happens asynchronously on the device. Wait at least 1s before proceeding to the next step.
1
Authenticate and obtain a session token

Send POST /api/CreateSessionToken with Basic Auth credentials at Service level. Extract the token string from the response and store it for subsequent requests.

2
Trigger configuration file creation

Send POST /api/CreateParameterBackup with a Passphrase in the JSON body. The device acknowledges the request and starts generating the file.

3
Wait for the operation to complete

Wait at least 1 s. The file will not be available immediately after the POST returns.

4
Download the configuration file

Send GET /api/parameterbackup with both Basic Auth and the X-Session-Token header. The response body is the configuration file. Save it to a local file.

5 - Import Configuration File: step by step

1
Authenticate and obtain a session token

Same as download step 1. If you already hold a valid token from the same session you may reuse it, but obtaining a fresh token is always safe.

2
Upload the configuration file

Send PUT /api/parameterbackup with both Basic Auth and the X-Session-Token header. Set Content-Type: application/octet-stream and place the configuration file content in the request body. A 200 OK response confirms the file was accepted.

3
Trigger the import

Send POST /api/RestoreParameterBackup with the same Passphrase that was used when the configuration file was created. The device applies the configuration asynchronously.

4
Wait for the import to complete

Wait at least 1 s before querying any parameters.

5
Verify the import

Read back one or more parameters (e.g. GET /api/LocationName) to confirm the expected values are active.

Implementation

6 - Pseudocode

The following language-neutral pseudocode shows both workflows end to end. Replace http_post, http_get, and http_put with the HTTP client of your choice.

6.1  Download a configuration file

// 1. Obtain session token
response = http_post(
    url     = "http://<device-ip>/api/CreateSessionToken",
    headers = { "Authorization": basic_auth("Service", "<password>") },
    body    = "{}"
)
token = response.json["data"]["token"]

// 2. Trigger configuration file creation
http_post(
    url     = "http://<device-ip>/api/CreateParameterBackup",
    headers = { "Authorization": basic_auth("Service", "<password>") },
    body    = '{ "data": { "Passphrase": "your-passphrase" } }'
)

// 3. Wait for async operation to complete
sleep(1000 ms)

// 4. Download the configuration file
response = http_get(
    url     = "http://<device-ip>/api/parameterbackup",
    headers = {
        "Authorization":   basic_auth("Service", "<password>"),
        "X-Session-Token": token
    }
)
assert response.status == 200
write_file("parameterbackup.json", response.body)

6.2  Import (upload and restore) a configuration file

// 1. Obtain session token (or reuse existing one if still valid)
response = http_post(
    url     = "http://<device-ip>/api/CreateSessionToken",
    headers = { "Authorization": basic_auth("Service", "<password>") },
    body    = "{}"
)
token = response.json["data"]["token"]

// 2. Upload the configuration file
config_data = read_file("parameterbackup.json")
response = http_put(
    url     = "http://<device-ip>/api/parameterbackup",
    headers = {
        "Authorization":   basic_auth("Service", "<password>"),
        "X-Session-Token": token,
        "Content-Type":    "application/octet-stream"
    },
    body    = config_data
)
assert response.status == 200

// 3. Trigger the import
http_post(
    url     = "http://<device-ip>/api/RestoreParameterBackup",
    headers = { "Authorization": basic_auth("Service", "<password>") },
    body    = '{ "data": { "Passphrase": "your-passphrase" } }'
)

// 4. Wait for async operation to complete
sleep(1000 ms)

// 5. Verify - read back a parameter
response = http_get(
    url     = "http://<device-ip>/api/LocationName",
    headers = { "Authorization": basic_auth("Service", "<password>") }
)
print("LocationName =", response.json["data"]["LocationName"])
Error Handling

7 - Error handling and troubleshooting

HTTP status Likely cause Remedy
401 Unauthorized Missing or incorrect Basic Auth credentials Verify username and password; check user level has Service rights
403 Forbidden Missing or expired X-Session-Token Call CreateSessionToken again to obtain a fresh token
404 Not Found No backup exists yet on the device Ensure CreateParameterBackup completed and the wait time was sufficient before calling GET /api/parameterbackup
503 Service Unavailable Device busy (backup/restore still in progress) Increase the wait time after the triggering POST and retry
API status != 0 Wrong passphrase or corrupt configuration file Verify the same passphrase is used for both download and import. Re-download a fresh configuration file if the file may be corrupted.
Persist parameters after import By default, restored parameters are active in RAM only and will revert after a power cycle. Call POST /api/methods/WriteEeprom to write them to non-volatile storage.
Keywords:
configuration backup, parameter backup, REST API, session token, X-Session-Token, CreateParameterBackup, RestoreParameterBackup, device cloning, configuration restore, Basic Auth, parameterbackup, commissioning, json
Create request