- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Web service APIs that follow the practices of the REST architectural constraints are called RESTful APIs. It is the mechanism that allows for systems to access, manipulate , delete , change and add resources on an application via web services. The Security Management API is a HTTP-based RESTful API.
In general HTTP-based RESTful APIs are defined as follows:
To keep int simple we are in the Check Point Security Management API only relying on the standard HTTP method called POST to send API calls. In the body (payload) we are using a JavaScript Object Notation (JSON) style format.
JSON is a textual representation defined by a small set of governing rules in witch data is structured, making it:
JSON specification states that data can be structured in either of the two following compositions
Where name is just a string, value must be of type
An object is represented as a pair of curly bracket, { and } surrounding zero or more name/value pairs
{ }
{"name" : "New Layer 1"}
{“user“ : “Jim", “password“ : “MyPwd“}
An array is represented as pair of square bracket , [ and ] surrounding zero or more values
[ ]
["First", "Second", "Third"]
{ "tags" : ["First", "Second", "Third"]}
Because objects and arrays can nest. Trees and other complex data structures can be represented
In addition to sending API calls formatted as HTTP-based POST requests using JSON format in the body (payload) via a web service. R&D have created an portable executable called mgmt_cli that runs on Windows and Linux. This executable translates the CLI commands issued toward the executable into HTTP-based RESTful API calls and sends them encrypted over HTTPS to the management server.
Using the mgmt_cli the above API call would look something like the following:
mgmt_cli add host name “host1” ip-address “1.1.1.1” tags.1 "First" tags.2 "Second" tags.3 "Third" nat-settings.auto-rule “true” nat-settings.ip-address "192.0.0.1"
mgmt_cli -r true -f json add host name "host1" ip-address "1.1.1.1" tags.1 "First" tags.2 "Second" tags.3 "Third" nat-settings.auto-rule "true" nat-settings.ip-address "192.0.0.1"
As you can see an JSON object using the mgmt_cli is crated using name/value pairs. (For example name “host1”)
Wile a JSON array used as values in a object is created using name.1 "value" name.2 "value" name.3 "value". (For example tags.1 "First" tags.2 "Second" tags.3 "Third")
If you would like to add a tag into an array with existing tags you can in mgmt_cli type name.add "value" For example:
mgmt_cli -r true set host name host1 tags.add "Fourth"
The operational flow is exactly the same for the API as it is for the GUI Login > Get Session > Do changes > Publish > Logout
Sounds very nice !
Nice work, Jim.
This is a must doc for management API users.
Robert.
Excellent post for beginners and advanced users as well!
Thanks alot, great work
Greetings fellow APIans.... Does anyone know of a way to create objects via Tags using the RESTful API's?
Thank you in advance...
-Diego
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY