-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
Hello all,
A quick introduction to the Poly G7500 Command-Line API Reference Guide or the Poly G7500 Command-Line API Reference Guide
NOTE: Please be aware that the community is not the official documentation source and is maintained by volunteers and enthusiasts and some of the below may not work or be supported in any other mode than Poly Provider Mode!
Please always ensure you are using the latest >Poly VideoOS REST API< (also see attached files) and/or >Poly Command-Line API< from the User and Administrator Documents >here<
If a UI is preferred a Tool like https://www.postman.com/ can be used. Instructions similar to this are >here<
Command-Line API
Enabling the Command Line access via Security > Access will either prompt you for the standard user name of the unit (factory default admin) using ssh and/or the password.
Using for example:
addrbook all
will return all the Speed Dials added to the system.
REST API
NOTE: Since PolyOS 4.6.2 added X-XSRF-Token to the REST API to prevent Cross-Site Request Forgery attacks. The examples below have been updated!
Starting with Poly VideoOS 4.6.2, HP Poly implements enhanced REST API security protections to improve overall device security. For more information, see the tech alert on the HP Support site.
Based on the above REST API documentation, to establish a session, a user would initially log in to the system:
curl -b cookies.txt -c cookies.txt -d "{\"user\": \"admin\",\"password\": \"123\"}" -H "Content-Type: application/json" -k https://192.168.0.9/rest/session
The above example uses an IP Address of 192.168.0.9 and an Admin Password of 123
For the above, we use CURL as this can be used with Windows 10, MS-DOS, and/or Linux machines.
- -k is being used to use HTTPS and trust the certificate of the Studio X and/or G7500
- -c is the instruction to write cookies to a file
-b is the instruction to read cookies from a file
For more details on cookies, check >here< - Ensure you use the right Admin (example admin) user and password (example 123)
The reply includes the sessionId, which we store in the cookie.txt
{"success":true,"loginStatus":{"loginResult":"NOLOCKOUT","lastLoginClient":"192.168.1.99","lastLoginTime":1773675882000,"failedLogins":0,"isPasswordAgeLimitReached":false},"session":{"clientType":"WEB","location":"192.168.1.99","sessionId":"PSohgerQw7fJutsCQr00g6PHZx5ck7Zif7DDbkDRShW+b+K515","userId":"admin","creationTime":603,"isAuthenticated":true,"role":"ADMIN"}}
We can then continue to use this cookie.txt
# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
#HttpOnly_192.168.1.100 FALSE / TRUE 0 session_id PSohgerQw7fJutsCQr00g6PHZx5ck7Zif7DDbkDRShW+b+K515
192.168.1.100 FALSE / TRUE 0 XSRF-TOKEN 4bdeba4b-bef9-402e-a74b-ad70a24d0fdb
to extract the XSRF Token and the Session ID and continue the session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X GET -k https://192.168..0.9/rest/system
and the Device will respond
{"systemName":"StudioX50-50626DFB","serialNumber":"8L194450626DFB","model":"StudioX50","hardwareVersion":"1","softwareVersion":"4.6.2","buildType":"dev","build":"460046","systemTime":1773847362000,"timeOffset":0,"uptime":17250.28,"state":"READY","canStartUpdate":true,"rebootNeeded":false,"lanStatus":{"state":"LAN_UP","speedMbps":1000,"duplex":"FULL"},"timeServerState":"TIMESERVER_UP"}
Reboot a single Studio X, Studio G62 or G7500 alone:
curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -X POST -d "{\"user\":\"admin\",\"password\":\"789\"}" https://192.168.0.9/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d "{\"action\": \"reboot\"}" https://192.168.0.9/rest/system/reboot
Reboot a single Studio X, Studio G62 or G7500 and all peripherals:
curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -X POST -d "{\"user\":\"admin\",\"password\":\"789\"}" https://192.168.0.9/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d "{\"action\":\"reboot\",\"restartAll\":\"True\"}" https://192.168.0.9/rest/system/reboot
Disable the Wireless advertisement of MiraCast and/or Airplay:
NOTE: The below example for Miracast or Airplay will only work in Poly Provider mode!
1st we check the current setting
curl -b cookies.txt -c cookies.txt -d "{\"user\": \"admin\",\"password\": \"123\"}" -H "Content-Type: application/json" -k https://192.168.0.92/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d -d "{\"names\": [\"system.network.wireless.wifi.enabled\"]}" https://192.168.0.92/rest/config
The system will respond with
{"vars":[{"name":"system.network.wireless.wifi.enabled","result":"NOERROR","value":"True","isEditable":true,"isHidden":false,"isSecure":false}]}
In the above case, the Wireless in Security - Wireless Security is enabled.
Whilst we already have established a session we can then also check the Miracast setting
curl -b cookies.txt -c cookies.txt -X POST -H "Content-Type: application/json" -k for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d https://192.168.0.9/rest/config -d "{\"names\": [\"cast.miracast.enabled\"]}"
and the reply will be:
{"vars":[{"name":"cast.miracast.enabled","result":"NOERROR","value":"True","isEditable":false,"isHidden":false,"isSecure":false}]}
and/or Airplay state
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d https://192.168.0.9/rest/config -d "{\"names\": [\"cast.airplay.enabled\"]}"
and the reply will be:
{"vars":[{"name":"cast.airplay.enabled","result":"NOERROR","value":"True","isEditable":false,"isHidden":false,"isSecure":false}]}or Bluetooth
curl -b cookies.txt -c cookies.txt -d "{\"user\": \"admin\",\"password\": \"626DFB\"}" -H "Content-Type: application/json" -k https://10.252.149.104/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d -d "{\"names\": [\"system.network.wireless.bt.enabled\"]}"
and the system should reply:
{"vars":[{"name":"system.network.wireless.bt.enabled","result":"NOERROR","value":"True","isEditable":true,"isHidden":false,"isSecure":false}]}
Disable the Device Mode
Check if the Device mode is active:
curl -b cookies.txt -c cookies.txt -X POST -d "{\"user\": \"admin\",\"password\": \"123\"}" -H "Content-Type: application/json" -k https://192.168.1.100/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X GET -k https://192.168.1.100/rest/system/mode/device
The system responds with:
{"result":true}
Disabling the device mode:
curl -b cookies.txt -c cookies.txt -X POST -d "{\"user\": \"admin\",\"password\": \"123\"}" -H "Content-Type: application/json" -k https://10.252.149.104/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X DELETE -k https://10.252.149.104/rest/system/mode/device
The system responds with
{"success":true}
Use POST instead of DELETE to set the Device mode
Remote Control Check
Check the battery status of a Bluetooth remote:
curl -b cookies.txt -c cookies.txt -X POST -d "{\"user\": \"admin\",\"password\": \"789\"}" -H "Content-Type: application/json" -k https://192.168.1.100/rest/session
for /f "tokens=6,7" %A in (cookies.txt) do /I "%A"=="XSRF-TOKEN" set TOKEN=%B & curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X GET -k https://192.168.1.100/rest/system/bluetooth
Please be aware this is working at present but could change at any point. If you need this ensured please work with Poly sales to request this to be documented.
The reply would be (if a remote is paired):
[{"batteryLevel":100,"firmwareRevision":"97","id":"80:6F:B0:45:BF:81","name":"Polycom Remote","connected":true}]
Batch File option using CURL
using a local file called IP_Pass.txt with the IP address and the password comma separated and create a Windows Batch File with the following content to reboot a Studio X or G7500
off
for /F "tokens=1,2 delims=," %%a in (IP_Pass.txt) do (
curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -X POST -d "{\"user\":\"admin\",\"password\":\"%%b\"}" https://%%a/rest/session
for /f "tokens=6,7" %%A in (cookies.txt) do /I "%%A"=="XSRF-TOKEN" set TOKEN=%%B
curl -k -b cookies.txt -c cookies.txt -H "Content-Type: application/json" -H "X-XSRF-TOKEN: %TOKEN%" -H "X-Requested-With: XMLHttpRequest" -X POST -d "{\"action\":\"reboot\",\"restartAll\":\"True\"}" https://%%a/rest/system/reboot
)
Getting Logs:
curl -b cookies.txt -c cookies.txt -i -X POST -d "{\"user\": \"admin\",\"password\": \"789\"}" -H "Content-Type: application/json" -k https://192.168.1.100/rest/session
curl -b cookies.txt -c cookies.txt -X POST -H "accept: application/octet-stream" -k https://192.168.1.100/rest/current/devicemanagement/logs -O -J
Power Shell examples
reboot an individual Poly Studio X or G7500 itself using a hardcoded IP and Password:
<#
.SYNOPSIS
Reboots a Poly Studio X, G7500 or Studio G62 or compatible via REST API using session cookie + XSRF token.
.DESCRIPTION
- Disables self-signed certificate validation (for on-box certs).
- Logs in to /rest/session with admin credentials.
- Reads the XSRF-TOKEN cookie from the same WebSession.
- Sends the token back in X-XSRF-TOKEN header when POSTing /rest/system/reboot.
- Reuses the exact same WebSession (auth + cookies preserved).
#>
param(
[Parameter(Mandatory = $false)]
[string]$IP = "192.168.1.100",
[Parameter(Mandatory = $false)]
[string]$User = "admin",
[Parameter(Mandatory = $false)]
[string]$Password = "789"
)
# --- Utility: Disable certificate validation (self-signed device certs) ---
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type) {
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback {
public static void Ignore() {
if (ServicePointManager.ServerCertificateValidationCallback == null) {
ServicePointManager.ServerCertificateValidationCallback +=
delegate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors) { return true; };
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()
# --- Quick connectivity check (optional but helpful) ---
try {
$tnc = Test-NetConnection -ComputerName $IP -Port 443 -WarningAction SilentlyContinue
if (-not $tnc.TcpTestSucceeded) {
Write-Error "Cannot connect to $IP:443 (HTTPS). Verify IP, VLAN, firewall, or device availability."
return
}
}
catch {
Write-Warning "Test-NetConnection not available or failed; proceeding with web request anyway."
}
# --- Build endpoints & bodies ---
$baseUri = "https://$IP"
$sessionURL = "$baseUri/rest/session"
$rebootURL = "$baseUri/rest/system/reboot"
$sessionBody = @{ user = $User; password = $Password } | ConvertTo-Json -Compress
$rebootBody = @{ action = "reboot" } | ConvertTo-Json -Compress
# --- 1) Login and keep session cookies in $sess ---
$loginParams = @{
Uri = $sessionURL
Method = 'POST'
ContentType = 'application/json'
Body = $sessionBody
UseBasicParsing = $true
SessionVariable = 'sess'
}
try {
$response = Invoke-WebRequest @loginParams
}
catch {
Write-Error "Login request failed: $($_.Exception.Message)"
return
}
if (-not $response -or -not $sess) {
Write-Error "Login did not return a session. Aborting."
return
}
# --- 2) Extract the XSRF token cookie from the same session ---
try {
$xsrfCookie = $sess.Cookies.GetCookies([Uri]$baseUri)['XSRF-TOKEN']
if (-not $xsrfCookie -or [string]::IsNullOrWhiteSpace($xsrfCookie.Value)) {
Write-Warning "XSRF-TOKEN cookie not found after login. Some firmware sets it only after a GET."
# OPTIONAL: Prime with a GET to fetch token if your device requires it
# $prime = Invoke-WebRequest -Uri "$baseUri/rest/system/info" -Method GET -WebSession $sess -UseBasicParsing
# $xsrfCookie = $sess.Cookies.GetCookies([Uri]$baseUri)['XSRF-TOKEN']
# if (-not $xsrfCookie) { Write-Error "Still no XSRF-TOKEN after priming GET. Aborting."; return }
}
}
catch {
Write-Error "Failed to read cookies from session: $($_.Exception.Message)"
return
}
$xsrfToken = $xsrfCookie.Value
# --- 3) Prepare headers for reboot (include token + content-type) ---
$headers = @{
'Content-Type' = 'application/json'
}
if ($xsrfToken) {
$headers['X-XSRF-TOKEN'] = $xsrfToken
}
# --- 4) POST reboot using the same WebSession (preserves cookie session) ---
$rebootParams = @{
Uri = $rebootURL
Method = 'POST'
Headers = $headers
Body = $rebootBody
WebSession = $sess
UseBasicParsing = $true
}
try {
$rebootResponse = Invoke-WebRequest @rebootParams
$status = $rebootResponse.StatusCode
if ($status -ge 200 -and $status -lt 300) {
Write-Host "Reboot request accepted. HTTP $status"
} else {
Write-Warning "Reboot request returned HTTP $status. Body:`n$($rebootResponse.Content)"
}
}
catch {
Write-Error "Reboot request failed: $($_.Exception.Message)"
}
reboot an individual Poly Studio X or G7500 with all attached devices using a hardcoded IP and Password:
#BEGIN POWERSHELL SCRIPT FOR POLY G7500 REST command
$password = "789" #your password
$IP = "172.19.141.52" #IP of unit
#URL to make new session
$sessionURL = ("https://" + $IP + "/rest/session");
#Command to make new session
$sessionBody = "{`"user`": `"admin`",`"password`": `"" + $password + "`"}"
#URL to issue reboot
$rebootURL = ("https://" + $IP + "/rest/system/reboot");
#Command to issue reboot
$rebootBody = "{`"action`": `"reboot`" , `"restartAll`": `"True`"}"
# disable self signed certificate check
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()
# End self signed certificate commands
Invoke-WebRequest $sessionURL -UseBasicParsing -ContentType "application/json" -Method Post -body $sessionBody -SessionVariable sess;
Invoke-WebRequest $rebootURL -UseBasicParsing -ContentType "application/json" -Method Post -WebSession $sess -Body $rebootBody
reboot multiple Poly Studio X or G7500 without attached devices using a Text File with the IP Address and Password at c:\temp\restapi\IP_Pass.txt
# BEGIN POWERSHELL SCRIPT FOR REBOOTING Poly GroupSeries/Studio family via REST (with XSRF support)
# Read lines of the form: IP,Password
$File = Get-Content "C:\temp\restapi\IP_Pass.txt"
foreach ($line in $File) {
if (-not $line -or -not $line.Trim()) { continue }
$Arr = $line.Split(',')
if ($Arr.Count -lt 2) {
Write-Warning "Skipping malformed line (expected 'IP,Password'): $line"
continue
}
$ip = $Arr[0].Trim()
$pwd = $Arr[1].Trim()
$baseUri = "https://$ip"
$sessionURL = "$baseUri/rest/session"
$sessionBody = '{"user":"admin","password":"' + $pwd + '"}'
$rebootURL = "$baseUri/rest/system/reboot"
# If your device requires the legacy body, swap the next line to: $rebootBody = '{"action":"reboot"}'
$rebootBody = '{ "restartAll": true }'
# ---- Ignore self-signed certs (same approach as your original)
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type) {
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback {
public static void Ignore() {
if (ServicePointManager.ServerCertificateValidationCallback == null) {
ServicePointManager.ServerCertificateValidationCallback +=
delegate (Object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors) { return true; };
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()
try {
# ---- 1) LOGIN (capture cookies into $sess)
$loginHeaders = @{ "Content-Type" = "application/json" }
Invoke-WebRequest -Uri $sessionURL `
-UseBasicParsing `
-Method Post `
-Headers $loginHeaders `
-Body $sessionBody `
-SessionVariable sess | Out-Null
# ---- 2) Extract XSRF-TOKEN from the cookie jar
$xsrf = $null
try {
$uriObj = [Uri]$baseUri
foreach ($c in $sess.Cookies.GetCookies($uriObj)) {
if ($c.Name -eq 'XSRF-TOKEN') { $xsrf = $c.Value; break }
}
} catch {
# non-fatal; PolyOS < 4.6.2 may not set XSRF
}
# ---- 3) Build headers for reboot call (include XSRF if present)
$rebootHeaders = @{ "Content-Type" = "application/json" }
if ($xsrf) { $rebootHeaders["X-XSRF-TOKEN"] = $xsrf }
# ---- 4) POST reboot
$resp = Invoke-WebRequest -Uri $rebootURL `
-UseBasicParsing `
-Method Post `
-WebSession $sess `
-Headers $rebootHeaders `
-Body $rebootBody
Write-Host "[$ip] Reboot request sent. HTTP $($resp.StatusCode) $($resp.StatusDescription)"
}
catch {
Write-Warning "[$ip] Reboot failed: $($_.Exception.Message)"
}
}
# END SCRIPT
reboot multiple Poly Studio X or G7500 with attached devices using a Text File with the IP Address and Password at c:\temp\restapi\IP_Pass.txt
#BEGIN POWERSHELL SCRIPT FOR REBOOTING Studio X or G7500 reboot command
$File = get-content "IP_Pass.txt"
foreach ($line in $File){
$Arr = $line.Split(',')
[array]
#URL to make new session
$sessionURL = ("https://" + $Arr[0] + "/rest/session");
#Command to make new session
$sessionBody = "{`"user`": `"admin`",`"password`": `"" + $Arr[1] + "`"}"
#URL to issue reboot
$rebootURL = ("https://" + $Arr[0] + "/rest/system/reboot");
#Command to issue reboot
$rebootBody = "{`"action`": `"reboot`" , `"restartAll`": `"True`"}"
# disable self signed certificate check
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()
# End self signed certificate commands
Invoke-WebRequest $sessionURL -UseBasicParsing -ContentType "application/json" -Method Post -body $sessionBody -SessionVariable sess;
Invoke-WebRequest $rebootURL -UseBasicParsing -ContentType "application/json" -Method Post -WebSession $sess -Body $rebootBody
}
The IP_Pass.txt file is just a comma-separated file with the IP,Password
EagleEye Director II API
REST API Info >here<
Need help or have any questions? Start a new discussion here and get the answers you need.
