Check Point Management API

REST API for the Smart-1 Security Management Server. Automates policy and object management including host/network/service objects, access and NAT rulebases, and publish/install operations.

OpenAPI Specification

checkpoint-management-api-openapi.yml
# OpenAPI description of the Check Point Management API (Smart-1 server).
openapi: 3.1.0
info:
  title: Check Point Management API
  description: >-
    REST API for the Check Point Smart-1 Security Management Server.
    Allows automation of policy and object management including network
    and host objects, services, security policies, access rules, NAT rules,
    and publish/install operations.
  version: "2.0"
  contact:
    name: Check Point Support
    url: "https://www.checkpoint.com/support-services/"
externalDocs:
  description: Check Point Management API Reference
  url: "https://sc1.checkpoint.com/documents/latest/APIs/"
servers:
  # Only an HTTPS base URL is declared; `server` is filled in per deployment.
  - url: "https://{server}/web_api"
    description: Smart-1 Management Server
    variables:
      server:
        # Placeholder host name, not a real management server.
        default: management.example.com
tags:
  - name: Login
  - name: Hosts
  - name: Networks
  - name: Services
  - name: Access Rules
  - name: NAT Rules
  - name: Sessions
# Global requirement: every operation needs the sidToken scheme unless the
# operation sets its own `security` value.
# NOTE(review): the operations visible in this document declare only a 200
# response; authentication and authorization failures are not modelled, so
# clients must still handle non-200 replies.
security:
  - sidToken: []
paths:
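  # Exchanges credentials for a session ID (`sid`).
  /login:
    post:
      operationId: login
      summary: Authenticate and obtain a session ID
      tags: [Login]
      # Deliberately unauthenticated: this call issues the session ID that
      # the global sidToken requirement expects on every other operation.
      security: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              # NOTE(review): only user/password login is modelled here; if a
              # deployment uses another login method this schema would need
              # extending. Confirm against the vendor reference.
              required: [user, password]
              properties:
                user:
                  type: string
                password:
                  type: string
                  # Marks the value as a secret so documentation UIs and
                  # generated clients can mask it instead of echoing it.
                  format: password
                domain:
                  type: string
      responses:
        '200':
          description: Session details
          content:
            application/json:
              schema:
                type: object
                properties:
                  # Session credential: per the sidToken scheme it is sent
                  # back in the X-chkp-sid header, so keep it out of logs
                  # and traces.
                  sid:
                    type: string
                  uid:
                    type: string
                  api-server-version:
                    type: string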
  # Ends the caller's current session. No `security` override is given, so
  # the global sidToken requirement applies. No request body is declared.
  /logout:
    post:
      operationId: logout
      summary: Logout the current session
      tags:
        - Login
      responses:
        "200":
          description: Logout successful
  # Publishes the changes made in the caller's session. Protected by the
  # global sidToken requirement; no request body or response schema is
  # declared here.
  /publish:
    post:
      operationId: publish
      summary: Publish session changes
      tags:
        - Sessions
      responses:
        "200":
          description: Changes published
  # Installs a policy package on gateways. This changes what the gateways
  # enforce, so the account allowed to call it should be tightly scoped.
  /install-policy:
    post:
      operationId: installPolicy
      summary: Install policy package on selected gateways
      tags:
        - Sessions
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              # Only the package name is mandatory; `targets` is optional in
              # this schema.
              required:
                - policy-package
              properties:
                policy-package:
                  type: string
                # NOTE(review): the schema does not say which gateways are
                # used when `targets` is omitted; confirm before relying on it.
                targets:
                  type: array
                  items:
                    type: string
      responses:
        # Per its description, a 200 only reports that the install task was
        # started; task completion is not modelled in this document.
        "200":
          description: Policy install task started
  # Lists host objects. Read-only by its summary; still requires the global
  # sidToken. No request body or response schema is declared.
  /show-hosts:
    post:
      operationId: showHosts
      summary: Show host objects
      tags:
        - Hosts
      responses:
        "200":
          description: Hosts list
  # Creates a host object from a name and an IP address.
  /add-host:
    post:
      operationId: addHost
      summary: Add a host object
      tags:
        - Hosts
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - name
                - ip-address
              properties:
                name:
                  type: string
                # Unconstrained string: no format or pattern is declared, so
                # schema validation will not reject a malformed address.
                ip-address:
                  type: string
      responses:
        "200":
          description: Host created
  # Lists network objects. Requires the global sidToken; no request body or
  # response schema is declared.
  /show-networks:
    post:
      operationId: showNetworks
      summary: Show network objects
      tags:
        - Networks
      responses:
        "200":
          description: Networks list
  # Lists TCP service objects. Requires the global sidToken; no request body
  # or response schema is declared.
  /show-services-tcp:
    post:
      operationId: showServicesTcp
      summary: Show TCP service objects
      tags:
        - Services
      responses:
        "200":
          description: TCP services list
  # Returns the access rulebase of one layer, selected by the layer name.
  /show-access-rulebase:
    post:
      operationId: showAccessRulebase
      summary: Show access rulebase
      tags:
        - Access Rules
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - name
              properties:
                name:
                  type: string
                  description: Layer name
      responses:
        # The rulebase content itself has no schema in this document.
        "200":
          description: Rulebase
  # Adds one rule to an access layer at a given position.
  /add-access-rule:
    post:
      operationId: addAccessRule
      summary: Add an access rule
      tags:
        - Access Rules
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              # Only the layer and the position are mandatory in this schema.
              required:
                - layer
                - position
              properties:
                layer:
                  type: string
                # Accepted either as a string or as an object; the object's
                # shape is not described here.
                position:
                  oneOf:
                    - type: string
                    - type: object
                name:
                  type: string
                # NOTE(review): source, destination and service are optional
                # here. Confirm what the server applies when they are omitted;
                # a broad default would make an Accept rule wider than
                # intended, so callers should set all three explicitly.
                source:
                  type: array
                  items:
                    type: string
                destination:
                  type: array
                  items:
                    type: string
                service:
                  type: array
                  items:
                    type: string
                # Optional as well; restricted to the three listed values.
                action:
                  type: string
                  enum:
                    - Accept
                    - Drop
                    - Reject
      responses:
        "200":
          description: Access rule created
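  # Returns the NAT rulebase of one policy package.
  /show-nat-rulebase:
    post:
      operationId: showNatRulebase
      summary: Show NAT rulebase
      tags: [NAT Rules]
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              # The body is mandatory, but without this list an empty object
              # would validate and the request would name no package. This
              # mirrors /show-access-rulebase, which requires its selector.
              # NOTE(review): confirm against the vendor reference for the
              # deployed version.
              required: [package]
              properties:
                package:
                  type: string
                  description: Policy package name
      responses:
        '200':
          description: NAT rulebase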
components:
  securitySchemes:
    # API-key style scheme carried in the X-chkp-sid request header. Per the
    # description the value is the session ID issued by /login, so it acts
    # as a session credential and should be kept out of logs and URLs.
    sidToken:
      type: apiKey
      name: X-chkp-sid
      in: header
      description: "Session ID issued by /login."