yeah, this works for me "https://$fwhost/gaia_api/v1.6/show-licenses" but I only get the licenses.

I would like to get the "contracts" information that you get when you run "cplic print"

Would you mind sharing exact command you ran? I tried mgmt_cli show-licenses and its not working

Andy

I am not using mgmt_cli, it is just a http request https://host/gaia_api/v1.6/show-licenses>
My original question: Is it possible to get the contract information via api request?

Do I need anything special in terms of authorization to run-scripts?
I don't have any issue to run query commands through the api via web or mgmt_cli with a monitor user.

However I get this error when I try to run-script and then try to see the task-details output even if I configure the user as adminRole.
No issue If I try with the admin user

mgmt_cli run-script script "show version" --context gaia_api
Username: userapi
Password:
code: generic_err_no_permissions
errors: User doesn't have permission to perform this action
message: No Permission

add rba user userapi roles adminRole
mgmt_cli run-script script "show version" --context gaia_api
Username: userapi
Password:
task-id: 83f4a31d-94a0-4bd2-a83f-bbfb7f7985bc

mgmt_cli show task task-id "83f4a31d-94a0-4bd2-a83f-bbfb7f7985bc" --context gaia_api
Username: userapi
Password:
tasks:
- execution-time: '0.02'
last-update-time: 2023-12-27T16:03+0.00.0
progress-description: succeeded
progress-percentage: 100
start-time: 2023-12-27T16:03+0.00.0
status: succeeded
status-code: 200
task-details:
- error: L2Jpbi9zaDogL3Jlc3RfYXBpLy9ydW5TY3JpcHRUZW1wLnNoLTgzZjRhMzFkLTk0YTAtNGJkMi1hODNmLWJiZmI3Zjc5ODViYzogUGVybWlzc2lvbiBkZW5pZWQ=
output: ''
return-value: 126
task-id: 83f4a31d-94a0-4bd2-a83f-bbfb7f7985bc
task-name: /run-script
time-spent-in-queue: '0.26'

This is Gaia API my friend, not MGMT API.

Try use the following:

https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html#web/run-script~v1.7%20

https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html#web/show-task~v1.7%20

I had only tried with  gaia api v1.6 and v1.7 and I got the error I reported

I got the error with gaia api and full admin rigthts

add rba user userapi roles adminRole

a. Please make sure you ran gaia_api access --user <admin>--enable true

b. I noticed this works only when the UID of the user is 0, and not between 103 and 65533.

Thanks Amir,
a. yeah, It was already configured, I have never had any issue with readonly type of api queries
b.  I have set uid to 0 and now I get a different error

[Expert@dc1fwo2a:0]# mgmt_cli show task task-id "c50b12b9-db35-4f2e-80ad-6223b4b2e237" --context gaia_api
Username: userapi
Password:
tasks:
- execution-time: '0.03'
last-update-time: 2023-12-28T10:26+0.00.0
progress-description: succeeded
progress-percentage: 100
start-time: 2023-12-28T10:26+0.00.0
status: succeeded
status-code: 200
task-details:
- error: c2hvdzogY29tbWFuZCBub3QgZm91bmQ=
output: ''
return-value: 127
task-id: c50b12b9-db35-4f2e-80ad-6223b4b2e237
task-name: /run-script
time-spent-in-queue: '0.21'

Use this syntax:

mgmt_cli run-script script "cplic print" --context gaia_api

Hey Amir,

I just tested that command in my mgmt R81.20 jumbo 41 lab and got below, not sure if that looks right?

Best,

Andy

[Expert@CP-management:0]# mgmt_cli run-script script "cplic print" --context gaia_api
Username: admin
Password:
task-id: 8d6634bc-86b4-48d1-90cc-2cc5f0f8bc06

[Expert@CP-management:0]#

Never mind, appears its good based on the task ID

Best,

Andy

[Expert@CP-management:0]# mgmt_cli run-script script "cplic print" --context gaia_api
Username: admin
Password:
task-id: 8d6634bc-86b4-48d1-90cc-2cc5f0f8bc06

[Expert@CP-management:0]# ^C
[Expert@CP-management:0]# mgmt_cli show task task-id "8d6634bc-86b4-48d1-90cc-2cc5f0f8bc06" --context gaia_api
Username: admin
Password:
tasks:
- execution-time: '0.21'
last-update-time: 2023-12-28T08:22+19.00.0
progress-description: succeeded
progress-percentage: 100
start-time: 2023-12-28T08:22+19.00.0
status: succeeded
status-code: 200
task-details:
- error: ''
output: SG9zdCAgICAgICAgICAgICBFeHBpcmF0aW9uICBGZWF0dXJlcyAgICAgICAgICAgIAoxNzIuMTYuMTAuMjUyICAgIDEwSmFuMjAyNCAgIENQU00tQy1VIENQU0ItTlBNIENQU0ItRVBNIENQU0ItTE9HUyBDUFNCLU1OVFIgQ1BTQi1QUlZTIENQU0ItVURJUiBDUFNCLVdLRkwtMTAwIENQU0ItV1MgQ1BTQi1NUFRMIENQVlAtU05YLVUtTkdYIENQU0ItU1dCIENQU0ItQUROQy1NIENQU0ItUlBSVC1VIENQU0ItRVZDUi1VIENQU0ItU1NMVlBOLU1PQk1BSUwrNTAwMCBDUFNCLUNPTVAtMTUwIENLLUZGQjI0NzE2REZCOAoKQ29udHJhY3QgQ292ZXJhZ2U6CgogIyAgIElEICAgICAgICAgIEV4cGlyYXRpb24gICBTS1UgICAgICAgICAgICAgICAgIAo9PT0rPT09PT09PT09PT0rPT09PT09PT09PT09Kz09PT09PT09PT09PT09PT09PT09CjEgIHwgWVUzWTNPSCAgIHwgIDlGZWIyMDI0ICB8IENQU0ItWlAtRVZBTAogICArLS0tLS0tLS0tLS0rLS0tLS0tLS0tLS0tKy0tLS0tLS0tLS0tLS0tLS0tLS0tCiAgIHxDb3ZlcnM6ICAgICBDUFNNLUMtVSBDUFNCLU5QTSBDUFNCLUVQTSBDUFNCLUxPR1MgQ1BTQi1NTlRSIENQU0ItUFJWUyBDUFNCLVVESVIgQ1BTQi1XS0ZMLTEwMCBDUFNCLVdTIENQU0ItTVBUTCBDUFZQLVNOWC1VLU5HWCBDUFNCLVNXQiBDUFNCLUFETkMtTSBDUFNCLVJQUlQtVSBDUFNCLUVWQ1ItVSBDUFNCLVNTTFZQTi1NT0JNQUlMKzUwMDAgQ1BTQi1DT01QLTE1MCBDSy1GRkIyNDcxNkRGQjgKPT09Kz09PT09PT09PT09Kz09PT09PT09PT09PSs9PT09PT09PT09PT09PT09PT09PQoyICB8IEpKMzVSNTUgICB8ICA5RmViMjAyNCAgfCBDUFNCLUlQUy1FVkFMCiAgICstLS0tLS0tLS0tLSstLS0tLS0tLS0tLS0rLS0tLS0tLS0tLS0tLS0tLS0tLS0KICAgfENvdmVyczogICAgIENQU00tQy1VIENQU0ItTlBNIENQU0ItRVBNIENQU0ItTE9HUyBDUFNCLU1OVFIgQ1BTQi1QUlZTIENQU0ItVURJUiBDUFNCLVdLRkwtMTAwIENQU0ItV1MgQ1BTQi1NUFRMIENQVlAtU05YLVUtTkdYIENQU0ItU1dCIENQU0ItQUROQy1NIENQU0ItUlBSVC1VIENQU0ItRVZDUi1VIENQU0ItU1NMVlBOLU1PQk1BSUwrNTAwMCBDUFNCLUNPTVAtMTUwIENLLUZGQjI0NzE2REZCOAo9PT0rPT09PT09PT09PT0rPT09PT09PT09PT09Kz09PT09PT09PT09PT09PT09PT09CjMgIHwgQjdUWUNPRiAgIHwgIDlGZWIyMDI0ICB8IENQU0ItVEVYLUVWQUwKICAgKy0tLS0tLS0tLS0tKy0tLS0tLS0tLS0tLSstLS0tLS0tLS0tLS0tLS0tLS0tLQogICB8Q292ZXJzOiAgICAgQ1BTTS1DLVUgQ1BTQi1OUE0gQ1BTQi1FUE0gQ1BTQi1MT0dTIENQU0ItTU5UUiBDUFNCLVBSVlMgQ1BTQi1VRElSIENQU0ItV0tGTC0xMDAgQ1BTQi1XUyBDUFNCLU1QVEwgQ1BWUC1TTlgtVS1OR1ggQ1BTQi1TV0IgQ1BTQi1BRE5DLU0gQ1BTQi1SUFJULVUgQ1BTQi1FVkNSLVUgQ1BTQi1TU0xWUE4tTU9CTUFJTCs1MDAwIENQU0ItQ09NUC0xNTAgQ0stRkZCMjQ3MTZERkI4Cj09PSs9PT09PT09PT09PSs9PT09PT09PT09PT0rPT09PT09PT09PT09PT09PT09PT0KNCAgfCBYOUJBUzk3ICAgfCAgOUZlYjIwMjQgIHwgQ1BTQi1DVE5ULUVWQUwKICAgKy0tLS0tLS0tLS0tKy0tLS0tLS0tLS0tLSstLS0tLS0tLS0tLS0tLS0tLS0tLQogICB8Q292ZXJzOiAgICAgQ1BTTS1DLVUgQ1BTQi1OUE0gQ1BTQi1FUE0gQ1BTQi1MT0dTIENQU0ItTU5UUiBDUFNCLVBSVlMgQ1BTQi1VRElSIENQU0ItV0tGTC0xMDAgQ1BTQi1XUyBDUFNCLU1QVEwgQ1BWUC1TTlgtVS1OR1ggQ1BTQi1TV0IgQ1BTQi1BRE5DLU0gQ1BTQi1SUFJULVUgQ1BTQi1FVkNSLVUgQ1BTQi1TU0xWUE4tTU9CTUFJTCs1MDAwIENQU0ItQ09NUC0xNTAgQ0stRkZCMjQ3MTZERkI4Cj09PSs9PT09PT09PT09PSs9PT09PT09PT09PT0rPT09PT09PT09PT09PT09PT09PT0KNSAgfCBGRlVUS1pMICAgfCAgOUZlYjIwMjQgIHwgQ1BTQi1URS1FVkFMCiAgICstLS0tLS0tLS0tLSstLS0tLS0tLS0tLS0rLS0tLS0tLS0tLS0tLS0tLS0tLS0KICAgfENvdmVyczogICAgIENQU00tQy1VIENQU0ItTlBNIENQU0ItRVBNIENQU0ItTE9HUyBDUFNCLU1OVFIgQ1BTQi1QUlZTIENQU0ItVURJUiBDUFNCLVdLRkwtMTAwIENQU0ItV1MgQ1BTQi1NUFRMIENQVlAtU05YLVUtTkdYIENQU0ItU1dCIENQU0ItQUROQy1NIENQU0ItUlBSVC1VIENQU0ItRVZDUi1VIENQU0ItU1NMVlBOLU1PQk1BSUwrNTAwMCBDUFNCLUNPTVAtMTUwIENLLUZGQjI0NzE2REZCOAo9PT0rPT09PT09PT09PT0rPT09PT09PT09PT09Kz09PT09PT09PT09PT09PT09PT09
return-value: 0
task-id: 8d6634bc-86b4-48d1-90cc-2cc5f0f8bc06
task-name: /run-script
time-spent-in-queue: '0.26'

[Expert@CP-management:0]#

Sure, no problem with the admin user

That is the syntax I use and that is how I get the error I reported

From earlier comments I saw you used this:
"mgmt_cli run-script script "show version" --context gaia_api"

If we translate error field output from base64 we get: "show: command not found"

If you fixed the syntax, please send new syntax + response and I'll try to figure out further.

Ah, okay. Yeah, you are right. So if the uid = 0, it works. 
So in the end this user has a User ID of 0, and therefore has all of the privileges of a root user.

It would be nice if the output of "cplic print" was in the api directly and therefore we didn't need to run a query with full admin rights.

Based on this post I created an improvement request and if nothing goes wrong I think it will be implemented in one of upcoming versions.

Thanks very much Amir
What main version do you think? I guess no R80.40, right?
Is there any way to know more details of this improvement and track it maybe in the release notes? Does it have an ID or something?

By upcoming, it will likely mean a future (unreleased) version.
The next major release is R82. 

API scripts run in the bash context.  If  you need  it to run a clish command you need to run the command:

mgmt_cli -run-script script "clish -c 'show version all'" --context gaia_api

Tested this working: