- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiOS API POST new Policy
Hello Community,
Ive attempted to POST a new policy to a FortiWiFi 80F appliance. I am getting a 400 response due to bad syntax. I can do a GET to this same URL and it works without issue. What could be my issue?
POST
https://{{IP}}/api/v2/cmdb/firewall/policy/?access_token=7dpdqjH3bHjqfghw0Gkx9Ngxht8b8p
BODY
{
"name": "TEST5",
"srcintf": [
{
"name": "lan"
}
],
"dstintf": [
{
"name": "lan"
}
],
"action": "accept",
"srcaddr": [
{
"name": "all"
}
],
"dstaddr": [
{
"name": "all"
}
],
"schedule": {
"q_origin_key": "always"
},
"service": [
{
"name": "FTP"
}
],
"nat": "enable"
}
}
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you both for your input!
Yes that closing bracket got me. Also I was able to get the command to run in cURL with the --insecure flag. I must not have that setup in the Postman environment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @AskingForHelp ,
Your request seems good. I tried my FortiGate with your sample request on Postman, but I didn't get any error. My Fortigate created a policy without any problem.
I use FortiOS 7.2.5. Which version do you use?
Also, could you try add with "vdom" param end of the URL
https://{{IP}}/api/v2/cmdb/firewall/policy/?access_token=7dpdqjH3bHjqfghw0Gkx9Ngxht8b8p&vdom=root
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The FortiWiFi is running 7.2.6. I tried adding vdom=root but did not get a success.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I saw your "Headers" tab. You send 10 headers, in my configuration I send 8 headers. What are you sending differently?
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
One more troubleshooting step I tired was to POST on the reboot API endpoint. That gave a 200 success.
Still the POST on the Policy endpoint gives a 400
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey,
the Fortinet Developer Network includes an option to validate API requests, and I checked your snippet above against it - it looks like you have an extra closing bracket '}' in there.
Once I removed that, it came back fine. Can you check that that's not the bad syntax your FortiGate is complaining about?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you both for your input!
Yes that closing bracket got me. Also I was able to get the command to run in cURL with the --insecure flag. I must not have that setup in the Postman environment.
