Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AskingForHelp
New Contributor III

Created on ‎12-19-2023 04:36 PM

FortiOS API POST new Policy

Hello Community,

 

Ive attempted to POST a new policy to a FortiWiFi 80F appliance. I am getting a 400 response due to bad syntax. I can do a GET to this same URL and it works without issue. What could be my issue?

 

POST

https://{{IP}}/api/v2/cmdb/firewall/policy/?access_token=7dpdqjH3bHjqfghw0Gkx9Ngxht8b8p

 

BODY

{
    "name": "TEST5",
    "srcintf": [
      {
        "name": "lan"
      }
    ],
    "dstintf": [
      {
        "name": "lan"
      }
    ],
    "action": "accept",
    "srcaddr": [
      {
        "name": "all"
      }
    ],
    "dstaddr": [
      {
        "name": "all"
      }
    ],
    "schedule": {
      "q_origin_key": "always"
    },
    "service": [
      {
        "name": "FTP"
      }
    ],
    "nat": "enable"
  }
}
Labels:
1738
0 Kudos
1 Solution
AskingForHelp
New Contributor III

Created on ‎12-21-2023 06:37 AM

Thank you both for your input!

Yes that closing bracket got me. Also I was able to get the command to run in cURL with the --insecure flag. I must not have that setup in the Postman environment.

View solution in original post

1574
0 Kudos
6 REPLIES 6
ozkanaltas
Valued Contributor III

Created on ‎12-19-2023 10:09 PM

Hello @AskingForHelp ,

 

Your request seems good. I tried my FortiGate with your sample request on Postman, but I didn't get any error. My Fortigate created a policy without any problem.

 

I use FortiOS 7.2.5. Which version do you use?

 

Also, could you try add with "vdom" param end of the URL

 

https://{{IP}}/api/v2/cmdb/firewall/policy/?access_token=7dpdqjH3bHjqfghw0Gkx9Ngxht8b8p&vdom=root 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1712
AskingForHelp
New Contributor III

Created on ‎12-20-2023 05:26 AM

The FortiWiFi is running 7.2.6. I tried adding vdom=root but did not get a success.

 

Screenshot from 2023-12-20 06-23-39.png

1692
0 Kudos
ozkanaltas
Valued Contributor III
In response to AskingForHelp

Created on ‎12-20-2023 11:20 PM

I saw your "Headers" tab. You send 10 headers, in my configuration I send 8 headers. What are you sending differently?

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1612
AskingForHelp
New Contributor III

Created on ‎12-20-2023 05:57 AM

One more troubleshooting step I tired was to POST on the reboot API endpoint. That gave a 200 success.

 

Still the POST on the Policy endpoint gives a 400

1678
0 Kudos
Debbie_FTNT
Staff
Staff
In response to AskingForHelp

Created on ‎12-21-2023 12:57 AM

Hey,

the Fortinet Developer Network includes an option to validate API requests, and I checked your snippet above against it - it looks like you have an extra closing bracket '}' in there.

Once I removed that, it came back fine. Can you check that that's not the bad syntax your FortiGate is complaining about?

image.png

image.png

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
1604
AskingForHelp
New Contributor III

Created on ‎12-21-2023 06:37 AM

Thank you both for your input!

Yes that closing bracket got me. Also I was able to get the command to run in cURL with the --insecure flag. I must not have that setup in the Postman environment.

1575
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.