- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
API request of new token
So far I am able to retrieve a new API token via the GUI and by using the CLI methods. Would like however to retrieve a new API token via the POST method. Read the documentation from the link below and followed by using a POST /api/v2/monitor/system/api-user/generate-key?vdom=root and a body with
https://fndn.fortinet.net/index.php?/fortiapi/1-fortios/100/
This for only returns a 401 unauthorized. How then can proper authorization be included?
Appreciate it
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Make the change in CLI. I don't know why, but the super_admin profile appears to be available for an API admin only in the CLI, not in the GUI.
You can make the configuration as usual in the GUI, and then switch the profile to super_admin in the CLI as the last step.
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you trying to make the modification while logged in as a super_admin? It may be hidden if not, since non-super_admin will not be able to promote any account to super_admin role.
I have checked the behaviour with firmware 7.0.8 and 7.2.2, and I see super_admin available for API users in both, but only in the CLI.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hello,
I have the same problem +1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To summarize what I've written so far, it appears that you will need to make the API request with an account that is super_admin (use permissions of a super_admin account). If that's not what you're doing right now, try it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I do follow this thread. Where it falls apart for me is that the REST API Admin does not have super_admin privileges. These super_admin privileges are not offered in the drop down menu for me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Make the change in CLI. I don't know why, but the super_admin profile appears to be available for an API admin only in the CLI, not in the GUI.
You can make the configuration as usual in the GUI, and then switch the profile to super_admin in the CLI as the last step.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The instruction to change apiadmin profile to super_admin over CLI only was important. This now does return a new bearer token when the proper Authorization is included as a bearer token. However, my goal would be to use the API to request a bearer token when none was yet known. If for example the system was booting up and no token was saved, could the API be used to request a new bearer token when no authorization token was given?
- « Previous
-
- 1
- 2
- Next »