Technical Tip: How to generate API key using IAM user account from FortiManager Cloud

tnesh · ‎07-31-2023

Description

This article describes how to generate an API key using an IAM user account from FortiManager Cloud.

Scope

FortiManager/FortiAnalyzer Cloud v7.0 & v7.2.

Solution

Note: FortiManager Cloud and Postman applications will be used as an example in this article.

Steps:

Get the Cloud IAM user info from FortiManager-Cloud CLI.
For example:
APAC-FMG-CANADA-DC # get system admin user
== [ testt ]
userid: testt
Change the admin user-type from 'CLOUD_IAM' to 'API':
For example:
APAC-FMG-CANADA-DC # config system admin user
(user)# edit testt
(testt)# set user_type api
(testt)# end
userid: test

Under FortiManager-Cloud GUI -> System Settings -> Admin -> Administrators, note that the user type is now API:
Select the API user and select Edit.
Select the correct JSON API Access and select Regenerate API Key -> Regenerate -> Generate.
Copy the 'New API Key'.

Note: The existing API user session will be logged out upon generating a new API key.
In Postman, perform a POST request and paste the API-Key under Authorization and proceed to perform the API request.
For example:
POST: https://<fmg-cloud-instance-URL>/jsonrpc.

Authorization: Bearer Token.
Token : << api-key >>
Body:

{

"method": "get",
"params": [

{

"url": "/sys/status"

}

],
"id": 1

}

Select Send.

5.get-sys-status.png

Verify the output and proceed to make necessary changes on the API request as required for the environment setup.

You are leaving our website