Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vince_Marinov
Contributor

API call for removing object from a group

Hello,

I was looking in previous discussions regarding API call for removing an object from a group and at that point in time there was no specific API call for this. I also checked the new API releases but I am not able to find that. I was wondering if this is something on the roadmap or if there is already solution that I have missed.

Thank you,

Vince

 

0 Kudos
7 Replies
Bob_Zimmerman
Advisor

It's in the Management API documentation, as the second case for the 'members' property in 'set group'. Dates all the way back to API version 1.0, so it should work on any R80-family management:

set group uid <group UUID> members.remove <member UUID>

or for multiple members:

set group uid <group UUID> members.remove.0 <member UUID> members.remove.1 <member UUID> ... members.remove.<n> <member UUID>

 

The same option is present for 'set service-group'.

0 Kudos
Vince_Marinov
Contributor

Thanks for sharing the info. I think I found the REST API option for that as well!

0 Kudos
Bob_Zimmerman
Advisor

To the best of my knowledge, Check Point does not offer a REST API. The above can be done via the HTTPS RPC-ish API by calling /set-group with a JSON object in the body like this:

{
	"uid":"<group UUID>",
	"members":{
		"remove":[
			"<member 0 UUID>",
			"<member 1 UUID>",
			...
			"<member n UUID>"
		]
	}
}

I haven't made this exact call myself, but the pattern matches how I have made other, similar calls.

0 Kudos
Vince_Marinov
Contributor

Thanks Bob,

I was referring to the same Web Service call.

Vince

0 Kudos
Vince_Marinov
Contributor

Interesting, I am using the following code:

{
  "name" : "vince_test_group",
  "members" : {
    "remove" : "vince_test"
  }
}

and I am getting this error 400 Bad Request:

"code""generic_err_invalid_parameter_name",
"message""Unrecognized parameter [members]"
 
My groups is vince_test_group and vince_test is a host object within the group. I tried with both the uid and the object names but still getting this error. I am using Postman. Any ideas?
 
Thanks,
Vince
 
 
0 Kudos
Bob_Zimmerman
Advisor

What API point are you sending that to? That's the response I would expect for /set-host, for example, because hosts don't have members.

Vince_Marinov
Contributor

Hey Bob,

You are  right I as using set-host instead of set-group. That was my bad when I was copying the request from another file.

It is working now, appreciate your help!

Vince

0 Kudos