Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
thirty182
New Contributor

ForitGate API access_token

Hi,

i have two Fortigate 200F (v7.0.9 build 0444) devices where GET request with access_token is working only for one of them. access_token is generated in GUI for API user. I checked rights and they are same.

Scenario:
Working Device1:

curl -X GET -g -k --noproxy '*' https://[ipv6]/api/v2/monitor/system/status?access_token=123445664785dadadasdad

{

  "http_method":"GET",

  "results":{

    "model_name":"FortiGate",

    "model_number":"200F",

    "model":"FG200F",

    "hostname":"Device1,

    "log_disk_status":"not_available"

  }

 

Not working Device2:

curl -X GET -g -k --noproxy '*' https://[ipv6]:8443/api/v2/monitor/system/status?access_token=asdasdasdasda5dasdadad8adsd

<title>429 Too Many Requests</title>

</head><body>

<h1>Too Many Requests</h1>

<p>The user has sent too many requests

in a given amount of time.</p>

<p>Additionally, a 429 Too Many Requests

error was encountered while trying to use an ErrorDocument to handle the request.</p>

</body></html>

 

however, if i create access_token with POST request using user with ADMIN rights:

curl -X POST -g -k --noproxy '*' -d '{"username":"myuser","secretkey":"hidden","ack_pre_disclaimer":true,"request_key":True,"ack_post_disclaimer":true}' -H "Content-Tye: application/json" https://[device2]:8443/api/v2/authentication

returns:

{

  "status_code":5,

  "status_message":"LOGIN_SUCCESS",

  "session_key":"a5a5a5a5a5a5adasda8sd8sd8ewerfgfg",

  "session_key_timeout":"30"

}

 

following GET request returns needed data:

curl -X GET -g -k --noproxy '*' https://[device2]:8443/api/v2/monitor/system/status/?access_token=a5a5a5a5a5a5adasda8sd8sd8ewerfgfg

{

  "http_method":"GET",

  "results":{

    "model_name":"FortiGate",

    "model_number":"200F",

    "model":"FG200F",

    "hostname":"Device2",

    "log_disk_status":"not_available"

  }


Does anyone had a same issue? What can be a reason?

Thanks

 

1 REPLY 1
kgeorge
Staff
Staff

Hello,

 

Regarding the API usage/configuration on FortiGate and queries pertaining to the same, our Fortinet Developer Team's intervention is required. There is a separate forum for it.

 

To get access to Fortinet Developer Account, you may get in touch with your or any of the Local Fortinet Re-sellers in your location or check with Fortinet Regional Sales engineer if you know one.

 

You would need two sponsors from Fortinet in order to help you open a Developer Account.

 

Like to share this article if it helps in some way,

 

https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/940602/using-apis

 

Cheers!

 

Regards,

Klint George

Regards,
Klint George
Labels
Top Kudoed Authors