POST https://cloudinfra-gw-us.portal.checkpoint.com/app/harmony-endpoint-web/api/v1/endpoint/query
(I also tried /app/hec-api/v1/agents/query).
Result:
The server responds with:
403 Forbidden – perhaps check your credentials
or sometimes:
Authentication required
The token is active and valid (verified by decoding the JWT), so it doesn’t seem to be an authentication issue (401), but rather an authorization problem.
Based on the search results and your issue, it looks like there might be a mismatch between the API endpoints you’re trying to access. The documentation shows different authentication patterns for different Check Point services:
• For **Harmony Email & Collaboration**, the auth endpoint is `/auth/external` and uses different API paths like `/app/hec-api/v1.0/search/entity/`
• For **Harmony Endpoint**, you might need to use different API endpoints than what you’re trying
A few things to check:
• Verify you’re using the correct API base URL for Harmony Endpoint specifically (the docs show different paths for different services)
• Try using the HTTP client node in n8n with the exact headers: `Authorization: Bearer ` and `x-av-req-id` header with a UUID value
• Check if your API key permissions in Infinity Portal are correctly scoped for the specific Harmony Endpoint APIs you’re trying to access
The 403 error suggests your token is valid but doesn’t have permission for those specific endpoints. You might want to contact Check Point support to confirm the correct API endpoints for Harmony Endpoint management, as the documentation shows different patterns for different services.