- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate API Request python
Hi,
I am struggeling with API requests to a Fortigate (Version 7.0.15). I used instructions from FNDN and got curl requests working as expected but the same request in python just throws a 401.
The python code:
url = 'https://fortigate/api/v2/cmdb/firewall/policy/?vdom=vdom‘
request_headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer <apikey>‘ }
response = requests.get(url, headers=request_headers)
The same (working) request in curl:
curl -s -H "Accept: application/json" -H "Authorization: Bearer <apikey>“ https://fortigate/api/v2/cmdb/firewall/policy/?vdom=vdom
Anyone has an idea what's wrong with the python request?
Solved! Go to Solution.
- Labels:
-
Authentication
-
Automation
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok this is kind of embarrassing: I was developing a Fortimanager API script a few weeks ago. For that, I was using a .netrc file to authenticate.
From the Python request module documentation:
"If no authentication method is given with the auth argument, Requests will attempt to get the authentication credentials for the URL’s hostname from the user’s netrc file. The netrc file overrides raw HTTP authentication headers set with headers=."
Renamed .netrc file, everything's working fine, even without dedicated auth class.
Facepalm-Smiley.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok got it: After reviewing the requests documentation at https://requests.readthedocs.io/en/latest/user/authentication/, I defined an auth class I found on Stackoverflow at https://stackoverflow.com/questions/29931671/making-an-api-call-in-python-with-an-api-that-requires-... and bam that works.
Example:
import requests
url = 'https://fortigate/api/v2/monitor/system/status'
headers = { "Content-Type": "application/json" }
apikey = 'System_Generated_API_Key'
class bearer_auth(requests.auth.AuthBase):
def __init__(self, token):
self.token = token
def __call__(self, request):
request.headers["authorization"] = "Bearer " + self.token
return request
response = requests.get(url, headers=headers, auth=bearer_auth(apikey))
print(response.text)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for sharing your findings, I'm glad that you came up with a solution. Since "curl" was working initially that was an indication that FGT was not to blame :)
If you have found a solution, please like and accept it to make it easily accessible for others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I haven’t played with python and the API but are your start and end times reversed so it is returning an empty result set/error?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok this is kind of embarrassing: I was developing a Fortimanager API script a few weeks ago. For that, I was using a .netrc file to authenticate.
From the Python request module documentation:
"If no authentication method is given with the auth argument, Requests will attempt to get the authentication credentials for the URL’s hostname from the user’s netrc file. The netrc file overrides raw HTTP authentication headers set with headers=."
Renamed .netrc file, everything's working fine, even without dedicated auth class.
Facepalm-Smiley.
