This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Harald_Hansen
Advisor
‎2020-09-21 03:50 AM

Support for api key

Jump to solution

As R80.40 support users with API key, we need a method to login using this feature.

Keys are easier to work with in automation and I think the code only needs a small adjustment to support this.

if command == "login":

...

if command == "login-api":

# Login parameters:
api_key = parameters.get("user", parameters.get("api-key"))
...
# Tries to login:
client.login_with_api_key(api_key, domain=domain, payload=payload)
0 Kudos
1 Solution

Accepted Solutions
masher
Employee
Employee
‎2020-09-21 11:17 AM
In response to Harald_Hansen

Jump to solution

This collection was necessary because Ansible did not have any support for Check Point management. This did not happen until Ansible 2.9. If this module is being used, I recommended updating playbooks to use the official management API modules collection.  If you would still rather use the github repository rather than ansible galaxy, then the new module (synced with Ansible Galaxy) should be used.

- https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection

 

View solution in original post

0 Kudos
4 Replies
masher
Employee
Employee
‎2020-09-21 06:44 AM

Jump to solution

Use of API keys have been supported since the 1.0.5 release of the Ansible module.

- https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/releases/tag/1.0.5

 

 

0 Kudos
Harald_Hansen
Advisor
‎2020-09-21 06:50 AM
In response to masher

Jump to solution

Thank you!

I looked into https://github.com/CheckPointSW/cpAnsible

What is the reason to have this as well?

0 Kudos
masher
Employee
Employee
‎2020-09-21 11:17 AM
In response to Harald_Hansen

Jump to solution

This collection was necessary because Ansible did not have any support for Check Point management. This did not happen until Ansible 2.9. If this module is being used, I recommended updating playbooks to use the official management API modules collection.  If you would still rather use the github repository rather than ansible galaxy, then the new module (synced with Ansible Galaxy) should be used.

- https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection

 

0 Kudos
Alex_Mitsevich
Employee
Employee
‎2020-09-21 06:55 AM

Jump to solution

Hi Harald,

Indeed, the API Key is supported since R80.40 (Management API v1.6).

Administrators of Management Server can use this method of authentication along with other existing methods.

Of course, a corresponding administrator account should be set to use this method, and an API key should be generated.

This configuration can be done in the SmartConsole, or using the Management API:

https://sc1.checkpoint.com/documents/latest/APIs/#cli/add-api-key~v1.6%20

https://sc1.checkpoint.com/documents/latest/APIs/#cli/add-administrator~v1.6%20

The login command can be found here.

0 Kudos