Note:
- FortiManager Cloud and the Postman application will be used as an example in this article.
Requirements:
- A FortiCloud Master user account, OR...
- A user that has access permission to the FortiCloud IAM account.
Create an IAM API User:
- Create an IAM API user account from FortiCloud (support.fortinet.com):
Navigate to FortiCloud -> Services -> IAM -> Users -> Add New -> API User.
- Select the appropriate Permission Profile -> Select Next -> Verify the details -> Select Confirm.
- A Successful API User Registration page will be shown:
- Navigate to bottom of the page and select Download Credentials:
- Enter a Password to protect the API credentials and select Proceed:
- API credentials will be downloaded onto the local PC in .zip format.
- Open the API_Credential text file from the downloaded zip file.
- The API Credential text file will contain the following information. This information will be used to generate the access token.
apiId: < IAM API User ID > password: < IAM API User password >
clientId for FortiManager Cloud: FortiManager
clientId for FortiAnalyzer Cloud: FortiAnalyzer
Generate a token for the IAM API user:
- In this example, the Postman application will be used to send an API request to FortiManager-Cloud.
- In Postman, perform a POST request in order to obtain the access token:
POST: https://customerapiauth.fortinet.com/api/v1/oauth/token/
Body:
{ "username": "< IAM API User ID >", "password": "< IAM API User password >", "client_id": "FortiManager", "grant_type": "password" }
Select Send.
- Copy the 'access_token' from the response page.
- Perform another POST request and paste the access_token value under the API body:
POST: https://<fmg-cloud-instance-URL>/p/forticloud_jsonrpc_login/
Body:
{ "access_token": "< access_token >" }
Select Send.
- Copy the 'session' from the response page.
- Once the session ID has been obtained, proceed to make the necessary API request using the session ID. For example:
POST: https://<fmg-cloud-instance-URL>/jsonrpc
Body:
{ "method": "get", "params": [ { "url": "/sys/status" } ], "session": "< session >", "id": 1 }
Select Send.
- Verify the output and proceed to make the necessary changes on the API request, according to the requirements.
Related documents:
|