Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
vraev
Staff
Staff

Created on ‎01-04-2023 05:34 AM Edited on ‎12-06-2023 09:09 AM By Moderator

Article Id 241946

Technical Tip: Managing the JSON API call with cURL under Linux/Gnu and how to get, delete and create a user using it

Description

 

This article describes how to use the JSON API calls under Linux/Gnu using the cURL command line tool and how to get, delete, create a user, and the possible options to use to filter using fields or specific usernames and the output difference.
At the end of the article are shown some common errors.

 

Scope

 

Understand the JSON API calls used under the FortiManager.

 

Note.

There is an attached text file that contains the full JSON API calls and the simplified version used in the article.

Be aware that these examples could be implemented by other programs or programming languages.
The related articles and their links are at the bottom of the page.

 

Solution

 

It is possible to use already prepared requests from the Postman.
It is possible to copy a directly generated cURL command line as shown below.

 

Vito_0-1672839874976.png

 

Anthony_E_0-1672844089593.png

 

Start with a login to the remote FortiManager:

 

Vito_3-1672836998824.png

 

To receive the output parsed, it is possible to use the 'jq' (apt install jq – for Debian users).

 

Vito_4-1672836998825.png

 

Then to view only the session, it is possible to use the 'grep'. Like '| grep session'.
To save the output directly as a file, use the cURL option -o the_name.

 

curl -k --location --request POST 'https://10.109.54.6/jsonrpc' \
--header 'Content-Type: application/json' \
--data-raw '{
  "method": "exec",
  "params": [
    {
      "data": {
        "passwd": "",
        "user": "admin"
      },
      "url": "/sys/login/user"
    }
  ],
  "session": "string",
  "id": 1
}' | jq "."

 

To get the current users and their profiles, use the cURL to get the data that was desired and to grep through the output.

 

Vito_5-1672837135133.png

 

curl -k --location --request POST 'https://10.109.54.6/jsonrpc' \
--header 'Content-Type: application/json' \
--data-raw '{
  "method": "get",
  "params": [
    {
        "url": "/cli/global/system/admin/user "
    }
  ],
  "session": "QTnToxshxQXrog+lxbMEFkViZkvRuYAE+6K/YMNrNKytZaj/KzpL2TW0mPCAPFjTp+puVBagII04PMw5atBMtg==",
  "id": 1
}' | jq "." |  grep -e userid -e profileid

 

To get only specific user data, it is possible to specify a username. Additionally, it is possible to use the 'fields' option. This option will reduce the output fields.

 

{
  "method": "get",
  "params": [
    {
        "fields"
            [
                "userid"
            ],
        "url": "/cli/global/system/admin/user/admin"
    }
  ],
  "session": "{{session}}",
  "id": 1
}

 

If the output is compared with and without the fields for the user admin, it is possible to observe that with the first option, it will show 162 lines and without it, 254 lines of output are obtained.

 

Note: Due to reduced output when the filter is used, the field 'profiled' would be missing! 

 

Vito_6-1672837297331.png

 

Now, delete a user.

 

Vito_7-1672837502518.png

 

curl -k --location --request POST 'https://10.109.54.6/jsonrpc' \
--header 'Content-Type: application/json' \
--data-raw '{
  "method": "delete",
  "params": [
    {
      "url": "/cli/global/system/admin/user/novosco"
    }
  ],
  "session": "string",
  "id": 1
}' | jq "."

 

Create a new user.

 

Vito_8-1672837561309.png

 

curl -k --location --request POST 'https://10.109.54.6/jsonrpc' \
--header 'Content-Type: application/json' \
--data-raw '{
"method": "add",
"params": [
{
"data": [
{
"adom": [
{
"adom-name": "all_adoms"
}
],
"change-password": "enable",
"profileid": "Super_user",
"userid": "novosco"
}
],
"url": "/cli/global/system/admin/user"
}
],
"session": "QTnToxshxQXrog+lxbMEFkViZkvRuYAE+6K/YMNrNKytZaj/KzpL2TW0mPCAPFjTp+puVBagII04PMw5atBMtg==",
"id": 1
}'  |  jq "."

 

Common errors:

 

  1. Self-signed certificate:

 

curl: (60) SSL certificate problem: self-signed certificate
More details are available in this document.

 

When the self-signed certificate is used, add to the cURL the following: --k /--insecure.

 

  1. Session ID error:

Do not reuse a session ID generated on another device as a permission denied error will be shown.

 

{ "status": { "code": -11, "message": "No permission for the resource" }

 

  1. The object does not exist.

 

Vito_9-1672837688830.png

 

This error may be observed when the URL is not correct. In this case, it should be:

 

"url": "/cli/global/system/admin/user”

 

Related articles:

fmg_curl_JSON_API_request_full_simplified_without_outputs.zip
Labels:
1067
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.