FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
tnesh
Staff & Editor
Staff & Editor
Article Id 266654
Description

This article describes how to generate an API key using an IAM user account from FortiManager Cloud.

Scope

FortiManager/FortiAnalyzer Cloud v7.0 & v7.2.

Solution

Note: FortiManager Cloud and Postman applications will be used as an example in this article.

 

Steps:

  1. Get the Cloud IAM user info from FortiManager-Cloud CLI.
    For example:
    APAC-FMG-CANADA-DC # get system admin user
    == [ testt ]
    userid: testt


  2. Change the admin user-type from 'CLOUD_IAM' to 'API':
    For example:
    APAC-FMG-CANADA-DC # config system admin user
    (user)# edit testt
    (testt)# set user_type api
    (testt)# end

    userid: test 

 

  1. Under FortiManager-Cloud GUI -> System Settings -> Admin -> Administrators, note that the user type is now API:

     

    1.user-type-api.png

     

  2. Select the API user and select Edit.

  3. Select the correct JSON API Access and select Regenerate API Key -> Regenerate -> Generate.

    2.generate-api-key.png

  4. Copy the 'New API Key'.

    Note: The existing API user session will be logged out upon generating a new API key.

    4.new-api-key.png

  5. In Postman, perform a POST request and paste the API-Key under Authorization and proceed to perform the API request.
    For example:
    POST:  https://<fmg-cloud-instance-URL>/jsonrpc.

    Authorization: Bearer Token.
    Token : << api-key >>
    Body:

    {

    "method": "get",
    "params": [

    {

    "url": "/sys/status"

    }

    ],
    "id": 1

    }

     

    Select Send.

5.get-sys-status.png

 

  1. Verify the output and proceed to make necessary changes on the API request as required for the environment setup.