Create an exception

URI - POST

To use this endpoint, send a POST request to create an exception with specific type (excType): /exceptions/{excType}

Request

The request includes an HTTP headers (obtained in the authentication/authorization process and used to sign the request) with request parameters posted on the request body.

Request Headers

Header	Type	Required	Format	Description/Sample
x-av-req-id	String	Yes	UUID – Generated and supplied on the request.	d290f1ee-6c54-4b01-90e6-d701748f085 1
Authorization	Bearer Token	Yes	Bearer <API Access Token>	A string Bearer followed by the API Access Token. See Generating API Access Token. For example, assuming that the API Access Token is 1234, the Bearer Token will be Bearer 1234

Header

Type

Required

Format

Description/Sample

x-av-req-id

String

Yes

UUID – Generated and supplied on the request.

d290f1ee-6c54-4b01-90e6-d701748f085 1

Authorization

Bearer Token

Yes

Bearer <API Access Token>

A string Bearer followed by the API Access Token. See Generating API Access Token.

For example, assuming that the API Access Token is 1234, the Bearer Token will be Bearer 1234

Request String Parameters

Parameter	Type	Required	Format	Description/Sample
excType	String	Yes		Exception type: Whitelist Blacklist

Parameter

Type

Required

Format

Description/Sample

excType

String

Yes

Exception type:

Whitelist
Blacklist

Request Body

All applicable request parameters are posted on the request body JSON:

Copy

{
    "requestData": 
    {
        "attachmentMd5": "string",
        "senderEmail": "string", 
        "senderName": "string", 
        "recipient": "string",
        "senderClientIp": "string", 
        "senderDomain": "string", 
        "senderIp": "string", 
        "linkDomains": "string"
        , "subject": "string",
        "comment": "string",
        "actionNeeded": "string",
        "matchOnlyFuture": "string",
        "quarantineAll": "string", 
        "ignoringSpfCheck": "boolean",
        "subjectMatching": "string",
        "linkDomainMatching": "string",
        "senderNameMatching": "string",
        "senderDomainMatching": "string", 
        "senderEmailMatching": "string", 
        "recipientMatching": "string"
    }
}

Request Body Parameters

The JSON parameters:

Parameter	Type	Required	Description/Sample
requestData	Object		A container for action request
attachmentMd5	String	No	4437981ad343f816a65030504bed0e7d
senderEmail	String	No	Sender's email
senderName	String	No	Sender's name
recipient	String	No	user2@email.com
senderClientIp	String	No	192.168.1.1
senderDomain	Integer	No	email.com
senderIp	Boolean	No	192.168.1.2
linkDomains	String	No	domain.com
subject	String	No	Block this email
comment	String	No
actionNeeded	String	No	phishing
subjectMatching	String	No	contains
linkDomainMatching	String	No	contains
senderNameMatching	String	No	contains
senderDomainMatching	String	No	endswith
recipientMatching	String	No	match

Request sample (CURL) format

This request sample shows URI base in USA region. For URI base in other regions, see URLs and URL Base.

Copy

curl -X POST -H "Accept: application/json" \
    -H "x-av-req-id: d290f1ee-6c54-4b01-90e6-d701748f3351" \
    -H "Authorization: Bearer 2462b23346ab0642b65d7d094aca5fb4c29fd96d0468deceae2704d258e81497" \
    -d “{"requestData": {"subject": "Allow this email", "senderEmail": "user@email.com", "senderIp": "192.168.1.1", "senderDomain": "email.com", "senderName": "Test User", "recipient": "user1@email.com", "subjectMatching": "contains", "linkDomainMatching": "contains", "senderEmailMatching": "contains", "senderDomainMatching": "contains", "comment": "created_by_smartapi", "actionNeeded": "phishing"}}” \
    https://cloudinfra-gw-us.portal.checkpoint.com/app/hec-api/v1.0/exceptions/whitelist

This sample creates a new whitelist exception rule with specified parameters.

Response

The response obtained from the service includes an HTTP response code and JSON formatted structure.

Response Structure

No response data structure

Response Parameters

The response parameters:

Parameter		Type	Description
responseEnvelope		Object	A container of metadata properties
	requestId	String	Request ID (from the request header x-av-req-id value)
	responseCode	Integer	0 = Success Other values = Failure
	responseTest	String	The text value of the response
	additionalText	String	Additional information
	recordsNumber	Integer	Number of records in response
	totalRecordsNumber	Integer	Total number of records
	scrollId	String	Unique ID used for scrolling

Response Sample

A valid response from the service:

Copy

{
    "responseEnvelope": 
    {
        "requestId": "d290f1ee-6c54-4b01-90e6", 
        "responseCode": 200,
        "responseText": "", 
        "additionalText": "", 
        "recordsNumber": 1, "scrollId": ""
    },    
    "responseData":[]
}