- CheckMates
- :
- Products
- :
- Developers
- :
- API / CLI Discussion
- :
- /web_api/add-administrator
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
/web_api/add-administrator
Hello,
I need some help with web_api request. I m getting error:
{"code": "err_inappropriate_domain_type", "message": "This command can work only on domains of type MDS. Cannot execute it in the current domain (current domain type is Domain)."}
Need to creat new adminstrator account via web_api on Check Point Smart Concole.
My payload looks like:
Using set:
Check Point - Management API reference
R81.10
SmartConsole 81.10.9600.409
Got only one system domain, nothing more.
Using mgmt_cli everything working proper.
mgmt_cli working properly.
mgmt_cli add administrator name "test123" password "test123" must-change-password false email "test@gmail.com" phone-number "1800-800-800" authentication-method "check point password" permissions-profile "read only all" --domain 'System Data' --format json -u xxxxxx-p 'xxxxxxyyyyyy'
Any idea how the payload should looks like to be a proper query on web_api?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Szymon2022,
There is an example in the API reference guide under the "login" API endpoint
https://sc1.checkpoint.com/documents/latest/APIs/index.html#web/login~v1.9%20 > example > "login to domain".
just change the value "domain name" to "System Data"
Request
POST {{server}}/login Content-Type: application/json { "user" : "aa", "password" : "aaaa", "domain" : "Domain Name" }
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When you did the login call, did you log into the "System Data" domain?
If not, this API call will fail in the manner described.
Note this should be required on mgmt_cli as well (or at least it was last time I checked).
@Omer_Kleinstern can we make it more explicit in the documentation which API calls can only be executed in the "System Data" domain?
A more informative error message would also be useful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From the description of the add-administrator command:
"This command is available only after logging in to the System Data domain."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On a related note, is there a list of all of the API calls which are only available on the System Data domain?
Are there any calls which are available outside System Data but which aren't fully functional?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's right so how to login in to system data via Web Services (WebAPI)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In the past few days I was searching the proper url and proper payload to login in to system data. And I couldnt find it out.
I realised that I need to be login in to the system data first but do not know how to do it.
"code" : "generic_err_invalid_syntax",
"message" : "Login request message processing failed"
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Szymon2022,
There is an example in the API reference guide under the "login" API endpoint
https://sc1.checkpoint.com/documents/latest/APIs/index.html#web/login~v1.9%20 > example > "login to domain".
just change the value "domain name" to "System Data"
Request
POST {{server}}/login Content-Type: application/json { "user" : "aa", "password" : "aaaa", "domain" : "Domain Name" }
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your suggestion. That was it.
Below the correct query simple example:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Domain should be a string, not an object. It should contain either the name or the UUID of the domain.