Permission errors when testing Cato API with Python

Question

HI all, I am currently working on a project to automate workflows in Cato with Python. I've already set and reviewed my API permissions and they should already inherit my account which is able to edit and view most of the resources.

However, I still get this error:

HTTP 200
{
"errors": [
{
"message": "permission denied",
"path": [
"licensing",
"licensingInfo"
],
"extensions": {
"code": "Code104"
}
}
],
"data": {
"licensing": {
"licensingInfo": null
}
}
}

I've been scouting the documentation on specific troubleshooting steps but I couldn't seem to find the answers i'm looking for. Any chance some folks could give me a quick guide on how to ensure I get the right permissions for my API keys?

This is the sample script i'm testing btw, it is to pull available licensing information for monitoring.

API_KEY = os.getenv("CATO_API_KEY")

API_URL = "https://api.catonetworks.com/api/v1/graphql2"
QUERY = """
{
  licensing(accountId: <ID_HERE>) {
    licensingInfo {
      globalLicenseAllocations {
        ztnaUsers {
          total
          allocated
          available
        }
      }
    }
  }
}
"""

async def main():
    headers = {
        "x-api-key": API_KEY,
        "Content-Type": "application/json"
    }

    async with aiohttp.ClientSession(headers=headers) as session:
        async with session.post(API_URL, json={"query": QUERY}) as resp:
            print("HTTP", resp.status)
            print(json.dumps(await resp.json(), indent=4))

asyncio.run(main())

michaelsaw · Answer

Hi Elmark,
Just to check, other queries such as AccountInfo (https://api.catonetworks.com/documentation/#definition-AccountInfo ) works well, right? ___
Would you like to review your syntax again?here is the ref. link: https://api.catonetworks.com/documentation/#definition-LicensingInfo&nbsp;
Cheers

mv · Answer

I have the same issue using both this python script and Peter's python example.

michaelsaw · Answer

Hi&nbsp;MV,&nbsp;
Would you share the error(s) shown?
Cheers
&nbsp;

elmark · Answer

Hi Michael,Thank you and sorry replying just now.I encounter similar outputs with other queries as well. Note that I've also tested queries using cato api explorer and encounter same results. I am thinking if there are anything else I need to look into with regards to the permissions for my account if that may be relevant.I may have also overlooked on how I configured the API key but not entirely sure of it. Your guidance would be very much appreciated.&nbsp;

mv · Answer

Here's the error.&nbsp;I'm editor and viewer (which are built-in roles if ir remember correctly) on our CATO account, so the API key should be able to get this information&nbsp; from what i understand.

Forum Discussion

Permission errors when testing Cato API with Python

5 Replies

Recent Discussions

Permission errors when testing Cato API with Python

API for Creating Users in CMA

Regarding the execution interval of the Azure Functions template for Cato log integration

Custom Category creation via API/Terraform

Terraform: IPsec site creation with Responder-only and destination type FQDN possible?