# config system api-user2) How to login to FortiGate via curl.
edit "API"
set api-key ENC SH2V23PfJqBVpwCrvWlbMMnMw+TAZ8iuw01scTpQkiw0+bwDi/Zxf2qxM7+zyQ=
set accprofile "API"
set vdom "root"
set peer-auth enable
# config trusthost
edit 1
set ipv4-trusthost 10.191.47.0 255.255.255.0
next
end
set peer-group "TEST" ---> this is the important step
next
end
# curl --key ./<user private key> --cert <user certificate> -v --cacert <CA certtificate> https://<FQDN>/api/v2/cmdb/firewall/address/?access_token=<put the token after generation> --tlsv1.23) Example of the output via curl, if successful:
# curl --key ./useKeyr.pem --cert ./user.crt -v --cacert /etc/ssl/certs/Fortinet_CA https://FGVM020000158352/api/v2/cmdb/firewall/address/?access_token=t9t4sm6qpwHr8qGpyb3xy9ybts1t8r --tlsv1.2
* Server certificate:
* subject: C=US; ST=California; L=Sunnyvale; O=Fortinet; OU=FortiGate; CN=FGVM020000158352; emailAddress=support@fortinet.com
* start date: Oct 23 11:04:36 2019 GMT
* expire date: Jan 19 03:14:07 2056 GMT
* common name: FGVM020000158352 (matched)
* issuer: C=US; ST=California; L=Sunnyvale; O=Fortinet; OU=Certificate Authority; CN=fortinet-subca2001; emailAddress=support@fortinet.com
* SSL certificate verify ok.
> GET /api/v2/cmdb/firewall/address/?access_token=t9t4sm6qpwHr8qGpyb3xy9ybts1t8r HTTP/1.1
> Host: FGVM020000158352
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Wed, 08 Jul 2020 11:53:10 GMT
< Server: Apache
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: frame-ancestors 'self'
< X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=0
< X-UA-Compatible: IE=Edge
< Cache-Control: no-cache, must-revalidate
< ETag: 2a3997e13943e98865004c368a65a8de
< Content-Length: 7940
< Content-Type: application/json
<
{
"http_method":"GET",
"revision":"2a3997e13943e98865004c368a65a8de",
"results":[
{
"name":"FABRIC_DEVICE",
"q_origin_key":"FABRIC_DEVICE",
"uuid":"70ce8e32-b7a7-51ea-c80b-1fc1e86bfcfc",
"subnet":"0.0.0.0 0.0.0.0",
"type":"ipmask",
"sub-type":"sdn",
"clearpass-spt":"unknown",
"start-mac":"00:00:00:00:00:00",
"end-mac":"00:00:00:00:00:00",
"country":"",
"cache-ttl":0,
"sdn":"",
"fsso-group":[
],
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.