FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ydong01
Staff
Staff
Article Id 196540
Description
This article provides a basic guideline to use REST API access FortiGate.
Traditionally, SSH and WEBGUI access to FortiGate are used. However, FortiGate provides another interface, REST API, that is for programmer to develop other features such as DevOps and automation. It is simple and easy to use.

Useful link:
Fortinet documentation: For detailed documents and tools, join https://fndn.fortinet.net


Solution
FortiGate REST API:

1) How to login to FortiGate
# curl -k -i -X POST https://x.x.x.x/logincheck -d "username=yyy&secretkey=zzz" --dump-header headers.txt -c cookies.txt
x.x.x.x  is FortiGate IP address
yyy     is administrator name
zzz     is administrator’s password

This will generate 2 files:

headers.txt:   It contains all information about the authentication. This file will be needed for GET commands
cookies.txt:   It contain the cookie generated for the authentication. This file will be needed for POST commands

2) How to GET static route
#curl -k -i -X GET https://x.x.x.x/api/v2/cmdb/router/static -b headers.txt
Result:

{
  "http_method":"GET",
  "revision":"3.0.0.9538334086034185130.1563241202",
  "results":[
    {
      "q_origin_key":1,
      "seq-num":1,
      "status":"enable",
      "dst":"0.0.0.0 0.0.0.0",
      "src":"0.0.0.0 0.0.0.0",
      "gateway":"x.x.x.y",
      "distance":10,
      "weight":0,
      "priority":0,
      "device":"port1",
      "comment":"",
      "blackhole":"disable",
      "dynamic-gateway":"disable",
      "virtual-wan-link":"disable",
      "dstaddr":"",
      "internet-service":0,
      "internet-service-custom":"",
      "link-monitor-exempt":"disable",
      "vrf":0,
      "bfd":"disable"
    }
  ],
  "vdom":"root",
  "path":"router",
  "name":"static",
  "status":"success",
  "http_status":200,
  "serial":"FGVM……………",
  "version":"v6.2.0",
  "build":200
}
3) How to logout
#curl -k -i -X POST https://x.x.x.x/logout

Contributors