--- title: "Getting Started" slug: "api-getting-started" updated: 2026-04-07T08:59:08Z published: 2026-04-07T08:59:08Z canonical: "support.perimeter81.com/api-getting-started" stale: true --- > ## Documentation Index > Fetch the complete documentation index at: https://support.perimeter81.com/llms.txt > Use this file to discover all available pages before exploring further. # Getting Started ## About Check Point SASE Check Point SASE provides secure access to local networks, applications and cloud infrastructures with one unified platform. By transforming the outdated, hardware-based security appliances into a cloud-based SaaS solution, we are simplifying network security for the modern and distributed workforce and helping organizations of all sizes and in many industries to secure their remote workers. ## API Classes All API requests should be sent to the relevant path classes under the main Check Point SASE API Gateway URL - [](https://api.perimeter81.com/api)*https://api.perimeter81.com/api/rest*. The main path classes are **Users**, **Groups**, **Addons**, and **Networks** (while additional path classes will be introduced soon). - **Users**, also known as members, belong to Groups. - **Groups** consist of applications, networks, locations, and users. - **Networks** hold information, such as geographic location, regions, and details about instances and regional identity providers. - **Addons** consist of license and billing information for members and gateways and form the basis of a Subscription Applications, Devices, Logs, and Settings will be released soon. ## Getting Started In order to access the Check Point SASE API, the user must belong to either the Premium Plus or Enterprise plan. If the user does not belong to one of the plans, in the **Settings** page, the message ‘Your current plan doesn’t include API Support’ will appear under **API Support**. API Rate LimitBe aware: As of now, there is an API rate limit of 500 requests per 5-minute period, for each IP address. ### Authentication and Authorization Note:You may use the Swagger Editor ([https://editor.swagger.io](https://editor.swagger.io/)) to send different API requests to the Check Point SASE API gateway. Check Point SASE uses two-step secure tokens for authentication. The first token, known as the API key, is used to generate the second token, a time-based access token. Following are instructions for generating the tokens. 1. In the **Web Management Console** -> **Settings** -> **API Support**, click on **(+)****Generate New Key**. 2. In the **Generate New API Key** dialog box, enter the **Key Name**. 3. In the **Expiration Date** dropdown select the validity period of the **API Key**. 4. In the **Key****Permissions** dropdown, select the required permissions, such as ‘View list of users’, ‘Add new members’, and ‘Delete groups’. 5. Click on **Generate** to create the desired API Key. Once the **API Key** is generated it will be copied to the clipboard automatically. 6. The new API Key will be shown in the **Active Tokens** list. 7. Now you can use the API Key to generate a temporary **access token** with a call to the [**authorize**](/v1/docs/authorize) endpoint. ### Base URI The base URI to the API is: - For US:  [https://api.perimeter81.com/api/rest](https://api.perimeter81.com/api/rest) - For EU: [https://api.eu.sase.checkpoint.com/api/rest](https://api.perimeter81.com/api/rest) Media Type The media type for all requests is application/json for all requests. ### Basic Workflow The basic workflow consists of: 1. Add users (members) using POST /v1/users. 2. Create groups using POST /v1/groups. 3. Add members to groups using POST /v1/groups/{groupId}/member/{userId}. 4. Add licenses for members and gateways using POST /v1/addons/members and POST /v1/addons/gateways. 5. Use the GET and DELETE methods to manage the Users and Groups resources.