First you need to perform a login.

The response will return the session ID which is required in the post for the call you have.

Here is an example:

import requests, jsondef api_call(ip_addr, port, command, json_payload, sid):    url = 'https://' + ap_addr + ':' + port + '/web_api/' + command    if sid == '':        request_headers = {'Content-Type' : 'application/json'}    else:        request_headers = {'Content-Type' : 'application/json', 'X-chkp-sid' : sid}    r = requests.post(url,data=json.dumps(json_payload), headers=request_headers)    return r.json()def login(user,password):    payload = {'user':user, 'password' : password}    response = api_call('<some ip>', 443, 'login',payload, '')    return response["sid"]def get_tag_uid(sid):    payload = {'type':'tag'}    response = api_call('<some ip>', 443, 'show-objects', payload, sid)    return response["sid"]sid = login('my_username','secret')print("session id: " + sid)get_tag = get_tag_uid(sid)print("tag UID: " + get_tag)logout_result = api_call('<some ip>', 443,"logout", {},sid)print("logout result: " + json.dumps(logout_result))‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I would add an additional filter for a specific object to make the work more efficiently.

This should simply dump all object tags.

Hope that helps.

True, calls to the API have a limit on the number of objects returned (50) so additional code to iterate through the list is necessary. However the Python SDK has its issues also and for the purpose of "learning" the API it is most appropriate to respond to the question and help others understand the API not just pull out another tool.
I hope that helped.

Thanks everyone for the suggestions. A bit more context about what I am doing here: I am writing an ansible module that takes in a session id, an ip (for the management host), a list of tags and an object type, and outputs a list of names of any checkpoint objects whose tags match the inputted tags.

I got the module working, however what the module does is it currently returns all tags (limit the maximum of 500 although it is unlikely that this will every be reached) then filters the tags to find tags with a given name, then finds the objects whose tags match those tags. If there is a way to filter the tags returned in that initial call based on object type or the name of the tag, that would of course be much better both in terms of efficiency and in terms of avoiding the possibility of not returning all desired tags due to the object cap.

However, I am not sure if/how I could do this.The "filter" parameter of the show-objects API call appears to a require an ip as part of the filter but I cannot use an ip to filter tags. Any suggestions on how this could be done?

If you haven't: Take a look at sk114661 - Automate your management server using "Ansible"

and look at https://github.com/CheckPoint-APIs-Team/cpAnsible

and for filtering :

Name in:

{   "limit" : 10,   "offset" : 0,   "order" : [ {     "ASC" : "name"   } ],   "in" : [ "name", "ABC" ],   "type" : "object" }

Name not in:

{   "limit" : 10,   "offset" : 0,   "order" : [ {     "ASC" : "name"   }, {     "DESC" : "objId"   } ],   "not" : {     "in" : [ "name", "ABC" ]   },   "type" : "object" }

Perhaps try:

{   "limit" : 10,   "offset" : 0,   "order" : [ {     "ASC" : "name"   } ],   "in" : [ "tag", "ABC" ],   "type" : "object" }

Aww man! 

Glad to be of assistance. Please let me know if I can be of help in the future and I would love to see the final result!

Thanks,

CB Currier

Hello Friends, I am trying to understand API Usage, I did whatever you write here but I am getting no result

My Python Code is same like you :

import requestsimport jsonfrom requests.packages.urllib3.exceptions import InsecureRequestWarningrequests.packages.urllib3.disable_warnings(InsecureRequestWarning)mgmt_username = 'admin'mgmt_password = 'pass1234'mgmt_server = '192.168.100.254'def api_call(ip_addr, port, command, json_payload, sid):    url = 'https://' + ip_addr + ':' + str(port) + '/web_api/' + command    if sid == '':        request_headers = {'Content-Type' : 'application/json'}    else:        request_headers = {'Content-Type' : 'application/json', 'X-chkp-sid' : sid}    r = requests.post(url,data=json.dumps(json_payload), headers=request_headers, verify=False)    return r.json()def login(user,password):    payload = {'user':user, 'password' : password}    response = api_call(mgmt_server, 443, 'login',payload, '')    return response["sid"]def get_tag_uid(sid):    payload = {'type':'tag'}    response = api_call(mgmt_server, 443, 'show-objects', payload, sid)    return response["sid"]def main():    sid = login(mgmt_username,mgmt_password)    print("session id: " + sid)    logout_result = api_call(mgmt_server, 443,"logout", {},sid)    print("logout result: " + json.dumps(logout_result))if __name__ == '__main__':    main()‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Resulst is ;

session id: _ujo0oCE9EMDdOctxCwGjImTJwuxA6sIQT8EYq0CB1s
logout result: {"message": "OK"}

I dont understand why is not displaying "show-objects"

Regards for help