Check Point - AI Security JS/TS SDK (Workforce AI + Browse Security)

This is the official Check Point AI Security SDK for JavaScript/TypeScript, covering both Workforce AI and Browse Security products.

The SDK is based on the public AI Security OpenAPI and Browse Security OpenAPI specifications.

With the SDK, you do not have to manage log in, send keep alive requests, or worry about session expiration.

The SDK supports simultaneous instances with different tenants, and both products can be used independently or together.

SDK installation

npm install @chkp/ai-security-sdk

Getting started

Import the SDK classes for the product(s) you need:

import { AISecurity, BrowseSecurity } from '@chkp/ai-security-sdk';

• AISecurity — Workforce AI Security (Chats policy, Access policy, Agents policy, etc.)
• BrowseSecurity — Browse Security (Secure Browsing policy, DLP policy, web access policy, etc.)

Each class manages its own session independently. Create an instance and provide CloudInfra API credentials to connect.

Obtaining API credentials

1. Go to the Infinity Portal API Keys page.
2. Click New > New Account API Key.
3. In the Service dropdown select:
   • Workforce AI Security for AISecurity
   • Browser Security for BrowseSecurity
4. Copy the Client ID, Secret Key, and Authentication URL (gateway).

For more information, see Infinity Portal Administration Guide.

Available gateways

Region	Gateway URL
Europe	https://cloudinfra-gw.portal.checkpoint.com
United States	https://cloudinfra-gw-us.portal.checkpoint.com

Once the Client ID, Secret Key, and Authentication URL are obtained, the SDK can be used.

All API operations can be explored on SwaggerHub:

• Workforce AI Security APIs
• Browse Security APIs

Workforce AI Security example

import { AISecurity } from '@chkp/ai-security-sdk';

const ai = new AISecurity();
await ai.connect({
    clientId: 'your-client-id',
    accessKey: 'your-secret-key',
    gateway: 'https://cloudinfra-gw-us.portal.checkpoint.com',
});

const rulebase = await ai.chatsPolicyApi.getChatsRulebaseExternalV1ChatsRulebaseGet();
console.log(rulebase.data);

ai.disconnect();

Browse Security example

import { BrowseSecurity } from '@chkp/ai-security-sdk';

const browse = new BrowseSecurity();
await browse.connect({
    clientId: 'your-client-id',
    accessKey: 'your-secret-key',
    gateway: 'https://cloudinfra-gw-us.portal.checkpoint.com',
});

const rulebase = await browse.dlpPolicyApi.getDlpRulebaseExternalV1DlpRulebaseGet();
console.log(rulebase.data);

browse.disconnect();

Using both products together

import { AISecurity, BrowseSecurity } from '@chkp/ai-security-sdk';

const auth = {
    clientId: 'your-client-id',
    accessKey: 'your-secret-key',
    gateway: 'https://cloudinfra-gw-us.portal.checkpoint.com',
};

const ai = new AISecurity();
const browse = new BrowseSecurity();

await ai.connect(auth);
await browse.connect(auth);

// Workforce AI
const chats = await ai.chatsPolicyApi.getChatsRulebaseExternalV1ChatsRulebaseGet();

// Browse Security
const dlp = await browse.dlpPolicyApi.getDlpRulebaseExternalV1DlpRulebaseGet();

ai.disconnect();
browse.disconnect();

Troubleshooting and logging

The full version and build info of the SDK is available via the info() static method on each class:

console.log(AISecurity.info());       // Workforce AI build info
console.log(BrowseSecurity.info());   // Browse Security build info

AI Security JS/TS SDK uses the debug package for logging.

There are 3 loggers, for general info, errors and to inspect network.

As default they will be disabled, in order to enable logging, set the DEBUG environment variable before running:

DEBUG="chkp_ai_security_sdk:*"

And for a specific/s logger set the logger name followed by a comma as following:

DEBUG="chkp_ai_security_sdk:info,chkp_ai_security_sdk:error,chkp_ai_security_sdk:network"

Report Bug

In case of an issue or a bug found in the SDK, please open an issue.

Contributors

• Haim Kastner - haimk@checkpoint.com