Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
franck_BOUDINET
Participant

Missing header X-chkp-sid in login ?

Hi, I'm a newbie on the R80.10 API and face a basic problem: cannot login through the API.

I created a testapi user with super user privilege but cannot login with it through the api but can using the mgmt command after connecting to my management server (see two attached screen shots from SmartConsole with general view of the configuration & admin users)

Symptom:

POST https://x.y.z.w:443/web_api/1.1/login

{
"user" : "testapi",
"password" : "myPassword"
}

returns

{
"code": "generic_err_missing_required_header",
"message": "Missing header: [X-chkp-sid]"
}

My understanding is that the sid should be returned by the login request so I'm not sure why it seems to be requested by the login operation and thus do not understand what needs to be done. 

Any idea about what's going on and what I should do to get this login to work ?

Info about my setup (see attached screen shot for general view):

  • Version

cp-security-management> show version all

Product version Check Point Gaia R80.10 

OS build 479

OS kernel version 2.6.18-92cpx86_64

OS edition 64-bit

  • API Status

cp-security-management> api status

API Settings:      

---------------------

Accessibility:                      Require all granted      

Automatic Start:                    Enabled                  

Processes:      

Name      State     PID       More Information

-------------------------------------------------

API       Started   2506                

CPM       Started   17351     Check Point Security Management Server is running and ready

FWM       Started   16758               

Port Details:      

-------------------

JETTY Internal Port:      50276          

APACHE Gaia Port:         443            

                          Apache port retrieved from: httpd-ssl.conf 

--------------------------------------------

Overall API Status: Started

--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Notes:      

------------

To collect troubleshooting data, please run 'api status -s <comment>'

  • Testing login with testapi user on gaia

ssh admin@10.11.10.50

This system is for authorized use only.

admin@10.11.10.50's password: 

Last login: Sun Dec  9 08:51:05 2018 from 192.168.201.56

cp-security-management> mgmt login user testapi     

Enter password: 

cp-security-management> mgmt show api-versions

current-version: "1.1"

supported-versions: 

- "1"

- "1.1"

Thanks

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Are you passing the correct Content-Type as part of the POST request?

Here's the exact example from the docs:

POST {{server}}/login
Content-Type: application/json
{
   "user" : "aa",
   "password" : "aaaa"
}
0 Kudos
franck_BOUDINET
Participant

Yes,

I do have Content-Type set to application/json. I actually downloaded the postman collection you guys provide.

I'm assuming sever should be set to : "x.y.z.w:443/web_api/1.1" can you confirm ?

0 Kudos
Joshua_Hatter
Employee
Employee

You are missing the v in the version section of the path. /web_api/v1.1/login

0 Kudos
franck_BOUDINET
Participant

Oups,

It was there like a nose in the middle of one's face 😞 

My apologies for bugging you with this.

thx a lot Joshua & Dameon for taking care

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events