Fortigate 3301E missing API 7.2.11

aguerriero · ‎04-06-2025

I have an unusual problem. When I went to add a rest api user I noticed that I am missing options for "REST API Admin" and "SSO Admin". I can only create create system administrators. I have a mix of hundreds of 7.2 and 7.4 systems in my network. This is the only device running 7.2.11 so I dont know if it is specifically for that version. And I cannot downgrade without getting an approved maintenance window.

I tried using the CLI as well...

I cannot type in config system api-user sso-admin... those are missing from the CLI.

NO API.PNG

Dhruvin_patel · ‎04-06-2025

Greetings!

The issue you're experiencing with the missing "REST API admin" and "SSO admin" options could be related to the FIPS-CC mode being enabled on your FortiGate device. In FIPS-CC mode, the REST API admin account option is disabled by design.

To verify if FIPS mode is enabled, you can use the following command in the CLI:

get system status

Look for the line, FIPS-CC mode:

Regards!

Dhruvin Patel

View solution in original post

Dhruvin_patel · ‎04-06-2025

Greetings!

The issue you're experiencing with the missing "REST API admin" and "SSO admin" options could be related to the FIPS-CC mode being enabled on your FortiGate device. In FIPS-CC mode, the REST API admin account option is disabled by design.

To verify if FIPS mode is enabled, you can use the following command in the CLI:

get system status

Look for the line, FIPS-CC mode:

Regards!

Dhruvin Patel

aguerriero · ‎04-06-2025

That was it. The only other fortigates we have running in FIPS CC are 6 and 7.4.

Dhruvin_patel · ‎04-07-2025

I'm glad I could help with your question.

Dhruvin Patel

Fortigate 3301E missing API 7.2.11

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website