Created on
10-02-2019
07:05 AM
Edited on
09-05-2025
07:32 AM
By
Jean-Philippe_P
Description
This article describes the integration with FortiGate. In this integration, API access is used for the following functions:
If the API communication is not working properly, these functions will fail.
Scope
FortiNAC.
Solution
> HTTP/1.1 200 OK
Date: Fri, 04 Oct 2019 12:50:02 GMT
Server:
Set-Cookie: APSCOOKIE_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: VDOM_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: CENTRAL_MGMT_OVERRIDE_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: EDIT_HISTORY_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: FILE_DOWNLOADING_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: csrftoken_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: ccsrftoken_1504669070="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Set-Cookie: ccsrftoken="0%260"; path=/; expires=Thu, 16-Oct-1969 12:50:02 GMT; secure; SameSite=Strict
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
X-UA-Compatible: IE=Edge
execute enter-shell
device -ip 10.20.30.1 -SetAttr -name API_Port -value 4443
device -ip <FortiGate IP> -SetAttr -name APIToken -value <API Key>
On FortiNAC-OS, run the following command:
execute enter-shell
$ device -ip <FortiGate IP> -SetAttr -name APIToken -value <API Key>
3. If the API call is still failing, check if HTTPS is enabled specifically on the FortiGate interface to which the API call is being made.
FortiGate# show system interface port<>
edit "port<>" <----- The specific port to which API calls are to be made.
set ip <FortiGate-IP>
set allowaccess ping https ssh fgfm <--- Should have https enabled, else API calls fail to this FortiGate-IP.
...
next
end
FortiGate endpoint management integration guide
FortiGate Endpoint Management Integration
Technical Tip: How to configure & use API token to communicate with FortiGate
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.