FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jfelix09
Staff
Staff
Article Id 371583
Description This article describes how to use the same api-token in different FortiGates.
Scope FortiGate.
Solution

The FortiGate API token is displayed only once upon creation and cannot be retrieved. The API token cannot be modified through the GUI or CLI. However, it is possible to restore the configuration for API users in the same FortiGate or on a different FortiGate.

 

  1. Back up the configuration of FortiGate-1.
  2. Open the FortiGate-1.conf file and find 'config system api-user'.
  3. Copy the configuration under 'config system api-user'.
  4. Back up the configuration of FortiGate-2.
  5. Openthe  'FortiGate-2.conf' file and find config system api-user, remove the existing settings and paste the copied settings from step 3.
    • Note: If 'config system api-user' is not present in FortiGate-2 backup, paste the settings at the end of the file.
  6. Confirm if an admin profile with the same name exists on FortiGate-2 under 'config system accprofile'. if not, it will be necessary to create it. Copy the acc-profile configuration from FortiGate-1 to FortiGate-2.
  7. Save the edited 'FortiGate-2.conf' file.
  8. A reboot is required to perform this step. Restore edited FortiGate-2 configuration: Configuration backup and restore (7.6.1)

 

If the API token is not regenerated, it will remain the same on both FortiGates.

 

Related document:

Using APIs

Contributors