Skip to main content

PFS001 - pfSense Authentication Failed

Agent error code #PFS001 indicates that the pfSense REST API rejected the credentials provided by the agent. The API returned HTTP 401 (Unauthorized).

This error is distinct from authorization failures (#PFS002), which occur when the credentials are valid but lack sufficient permissions. Error #PFS001 means the API key itself was not accepted.

Common causes include:

  • The API key configured in Knocknoc has a typo or trailing whitespace
  • The API key was regenerated in pfSense and Knocknoc was not updated
  • The user the API key acts as has been disabled in pfSense
  • The API key entry was deleted from pfSense

Steps to Resolve

Verify the API Key in Knocknoc

  1. In the Knocknoc admin interface, navigate to the backend configuration for the affected pfSense Knoc
  2. Re-enter the pfRest API Key value and save

For more details, see the pfSense setup guide.

Verify the API User on pfSense

  1. Log into pfSense as an administrator
  2. Navigate to System > User Manager > Users and confirm the user the API key acts as is enabled
  3. Navigate to System > API > Keys and confirm an API key entry exists for that user

Regenerate the API Key

If the existing key cannot be verified or is no longer working:

  1. In pfSense, navigate to System > API > Keys
  2. Click Add to generate a new API key, choosing the same user
  3. Copy the new key value (pfRest only shows it once) and update the Knocknoc backend with the new value

Still Having Issues?

We can help you out, contact us at support@knocknoc.io.

Back to top