Technical Tip: How to create an API user request with no token

Description

This article describes how to create an API user (with no token) request using Postman.

Scope

FortiEDR queries using the API (no authentication/basic authentication).

Solution

Log in to the management console and perform the following steps:

1. Create a user with the Rest API checkbox enabled under Console -> Administration -> Users -> Add User. Fill in the user details and desired role, then select Save.

(Make sure to check the REST API checkbox.)

2. Under Administration -> Users, select the lock icon. This action will open a pop-up window to reset the password:

3. Set a new password and uncheck the 'Require a change of password in the next sign in' option.

This action should be followed by a pop-up message confirming the password change.

4. Open the Postman application and use the following details (example request):

Get:   https://YourOrganizationURL.com/management-rest/exceptions/list-exceptions 

Another example: 

https://<your_organization_URL.com Here>/management-rest/exceptions/list-collectors 

In the Postman -> Authorization tab, choose Auth Type: Basic Auth and fill in the username and password.

Both Organization name and username are case-sensitive, including spaces.

If the user name alone does not work, insert the organization name (case-sensitive) before the user name as follows: (Organization_Name\User.Name).

Running the query should result in the status '200 OK'.

For further information regarding the available queries, refer to the FortiEDR API Guide