Ensure FortiManager has an administrator account that has 'JSON API Access' enabled. The following KB article shows how to create/configure an admin that can be used for API and how to obtain the session token for API usage: Technical Tip: Using FortiManager/FortiAnalyzer API

The API request for adding an address object to the ADOM root is as follows:

{

  "method": "add",

  "params": [

    {

      "data": [

        {

            "name": "test_address",

            "type": "ipmask",

            "subnet": "192.168.0.1/32"

        }

      ],

      "url": "/pm/config/adom/root/obj/firewall/address"

    }

  ],

  "session": "{{session}}",

  "id": 1

}

Make sure to replace the session with the actual session value obtained during the login, as explained in the KB linked above.

To create address objects in another ADOM, simply change the ADOM name in the URL field. For example, to add an address to an ADOM named Fortinet, the following URL should be used:

"url": "/pm/config/adom/Fortinet/obj/firewall/address"

The response should show as follows for a successful API request:

{

    "result": [

        {

            "data": {

                "name": "test_address"

            },

            "status": {

                "code": 0,

                "message": "OK"

            },

            "url": "/pm/config/adom/root/obj/firewall/address"

        }

    ],

    "id": 1

}

Troubleshooting:

The following commands can be used on the FortiManager CLI to debug the API Calls:

diagnose debug service httpd 255

diagnose debug service main 255

Related document: 

Technical Tip: Using FortiManager/FortiAnalyzer API