Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
farhanahmed
Staff
Staff

Created on ‎12-24-2025 09:22 AM

Article Id 424426

Technical Tip: Find and replace an address object using the JSON API

Description This article describes how to Find and Replace an address object used in policy package using JSON API.
Scope FortiManager, Postman.
Solution

The Find and Replace address object (or any ADOM level object) involves three steps:

  1. Initialize the 'Find' process.
  2. Get the list of all object references.
  3. Replace the object in all references.

 

The following process details how to achieve this:

 

  • Initialize the 'Find' process.

 

{

    "method": "exec",

    "params": [

        {

            "url": "cache/search/where/used/start",

            "data": {

                "obj": "adom/{{ADOM}}/obj/{{Object_Type}}",

                "mkey": "{{Object_Find}}",

                "flags": [

                    "direct used"

                ]

            }

        }

    ],

    "id": "2",

    "session": "{{session}}",

    "verbose": 1

}


Here the {{Object_Type}} = firewall/address. This can be changed depending on the type of object required change.

 

For example:

  • For an local user: user/local.
  • For a dynamic interface: dynamic/interface.
  • For a Security Profile Group: firewall/profile-group.

The output of this request generates a 'token', which is then used in the next query.

 

find_task.png

 

  • Get the list of all object references:

 

{

    "method": "exec",

    "params": [

        {

            "url": "cache/search/where/used/get/detail",

            "token": "{{token}}"

        }

    ],

    "id": "1",

    "session": "{{session}}",

    "verbose": 1

}


Example output:

 

use_details.png

 

 

  • Replace the object in all references (if 'X' number of references, then 'X' number of requests)

In this example, there is an address object 'Test1' that has been used in two firewall polices in a policy package (as seen in step 2 output). Consequently, two requests are required to replace it with another object, 'Test2'.

 

{

        "method": "update",

        "params": [

            {

                "url": `pm/config/adom/${adom}/pkg/${policy.package_name}/firewall/policy/${policy.policy_id}`,

                "used objs": {

                    "from": `obj/${objecttype}/${objectFind}`,

                    "to": [

                        `${objectReplaceWith}`

                    ]

                }

            }

        ],

        "id": 3,

        "session": sessionTokenValue

    };

             


Instead of running multiple queries manually, Postman Scripts can be used to run change requests in loop until object is replaced in all references.

 

find_replace.gif

 

  • The API collection can be imported into Postman (tested with v11.73.0) using the attached file.
  • Under the 'Variables' tab of the collection, the following variables are required:
    • host: IP address of FortiManager.
    • ADMIN: FortiManager Admin user.
    • PASSWORD: Admin user password.
    • ADOM: FortiManager ADOM.
    • Object_Type: Already set to: firewall/address. Change if required - as explained in Step 1.
    • Object_Find: Object Name - object to be replaced
    • Object_ReplaceWith: Object Name - object to replace with


Related documents:

Postman Release Notes
Technical Tip: Using FortiManager API
Fortinet Development Network (FNDN) - FortiManager
Find_and_Replace_Object.postman_collection.zip
Labels:
15
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.