Skip to main content
majid23
Staff
majid23
Staff
October 19, 2025

Technical Tip: In FortiOS 7.6.4 and later, administrator web authentication is handled by the http_authd process

  • October 19, 2025
  • 0 replies
  • 1386 views
Description This article describes the new http_authd daemon in FortiOS 7.6.4, which enhances administrator authentication and session handling for connections to the FortiGate GUI.
Scope FortiOS 7.6.4 and later.
Solution

In earlier FortiOS versions, the GUI operated using two main web service components, node and httpsd.

 

In FortiOS v7.6.4, a new internal daemon named http_authd is introduced. This daemon centralizes administrative web authentication and authorization functions needed by the web service processes.

 

After upgrading to FortiOS 7.6.4, administrators may observe a new process called http_authd in system process lists ('diagnose sys top' | 'fnsysctl ps').

 

When troubleshooting administrator web login in v7.6.4 and later, use the debug commands below to view authentication-related debug logs:

 

diagnose debug reset

diagnose debug console timestamp enable

diagnose debug application http_authd -1

diagnose debug enable

 

To stop the debugging:

 

diagnose debug disable

diagnose debug reset

 

Example debug output for an administrator GUI login 2FA using email-based OTP:

 

authd 2121 - 1758910774     info] http_authd_handler_main_loop[702] -- Received "login" request (seq: 11746) from 10.177.250.10 (152 bytes)

http_authd 2121 - 1758910774     info] http_authd_request_handler[520] -- ===============================================

[http_authd 2121 - 1758910774     info] http_authd_login_attempt[942] -- entering vdom for login_attempt (vdom='root')

[http_authd 2121 - 1758910774     info] http_authd_login_attempt[1022] -- login_attempt (method=6, vdom='root', name='Testuser',admin_name='Testuser', auth_svr=''), result code: 2

[http_authd 2121 - 1758910774     info] http_authd_login_tfa[1277] -- TFA: Token type: 2, Token info: abxxx@xxxxxxxx.com.

[http_authd 2121 - 1758910774     info] http_authd_login_request_token[1238] -- Sending TFA token via e-mail/SMS.

[http_authd 2121 - 1758910774     info] http_authd_login_send_token_code[1149] -- sending 2FA token email to 'abcXXXXXXXXXXXXXXX'

[http_authd 2121 - 1758910774     info] http_authd_login_set_admin_session[402] -- VDOM updated to 'root'

[http_authd 2121 - 1758910774     info] http_authd_login_create_admin_session[294] -- Setting login context from GUI(10.177.250.10)

[http_authd 2121 - 1758910774     info] http_authd_request_handler[539] -- Successfully handled "login" request.

[http_authd 2121 - 1758910774 info] http_authd_request_handler[577] -- -----------------------------------------------

 

The http_authd session list can be viewed with the new command 'diagnose http_authd session list'. See FortiOS v7.6 New Features Guide | Enhance administrative authentication and session monitoring.
      Terms & ConditionsAccessibility statement