Technical Tip: How to use FortiNAC REST API to create and update a host record by mac address

dsull111 · ‎03-26-2024

Description

This article describes how to create and update a host record using the FortiNAC REST API.

Scope

FortiNAC v9.x/7.x and greater.

Solution

The FortiNAC REST API is an alternative to the web or CLI interface that can be used to query and/or manipulate data in the FortiNAC database programmatically. Some examples where this can be useful for an administrator:

Automate repetitive tasks.
Make changes to large sets of data through programmatic substitution.
Pull data from FortiNAC into a third-party application.
Develop a simplified interface for internal teams to automate tasks without visibility to the FortiNAC internals.

This is also used in some cases by third parties who wish to develop specialized applications to manipulate data in the FortiNAC.

This example uses Postman as the tool to interact with the API. When using Postman for an API call the equivalent syntax can also be shown in Curl format by clicking the code block - </> on the sidebar.

This article assumes that the administrator has already set up the REST API Administrator account in FortiNAC, and has generated a bearer token that will be used for Authentication.

This is covered in a separate document in the FortiNAC Document library under a document titled 'REST APIv2 Configuration'.

Add new host:

Endpoint - /api/v2/host

Request Type - POST

Example URL - https://<FNAC Eth0 IP>:8443/api/v2/host

Example data:

{
"hostName":"test1234567",
"adapters":["00:00:00:11:11:20"],
"role":"NAC-Default"
}

This call will add a new host to the FortiNAC, the body of the request will contain raw JSON formatted data in an

'attribute':'value' format separated by commas on each line. The minimum required data is an adapter MAC address.

There are a long list of attributes to include here, and the possibilities can all be viewed in the next step:

The return data will either display a status of success or an error with an error message indicating the issue.

Get host by Mac:

Endpoint - /api/v2/host/by-mac/<MAC Address in Colon format>

Request Type - GET

Example URL - https://<FNAC Eth0 IP>:8443/api/v2/host/by-mac/00:00:00:11:11:22

Example return data:

{
"status": "success",
"errorMessage": null,
"results": [
{
"landscape": 91770458881,
"id": 3676,

This request will get all host data associated with a specific MAC address, which is specified in the URL as shown above.

The return data from this call will list out all the possible attributes that can be modified on a host record (some may or may not be modifiable in the next step.

This will also return an "id" this is the database ID number of the host in question, and will be necessary to update the host in the next step.

Update host:

Endpoint - /api/v2/host/<dbid>

Request Type - POST

Example URL - https://<FNAC Eth0 IP>:8443/api/v2/host/3668

Example data:

{
"hostName":"API Created Host",
"role":"NAC-Default",
"notes":"API Testing"
}

This call will update the host with the supplied DB ID retrieved in the last step. The body of the request will contain raw JSON formatted data in an 'attribute':'value' format separated by commas on each line, similar to the first example.

Some of the possible attributes that can be modified are displayed in the return data when getting the full host record by MAC address in the previous example: