FortiAuthenticator provides access management and single sign on.
Article Id 191521


This article describes how to enable the REST API for FortiAuthenticator.




FortiAuthenticator v6.2.0 and above.



An API (Application Programming Interface) is a set of defined interfaces to perform certain tasks. Consuming information from FortiAuthenticator is one example: such as using it to get, create and modify information related users, attributes and other related data.

FortiAuthenticator provides a REST (Representational State Transfer) API for interaction with components of the system. External programs interact with the REST API over HTTP protocol. After receiving the request, the FortiAuthenticator API sends back an HTTP response code.


To enable the API, log in as a user with administrator rights and select Web Service Access. An email address is required since the key for API access will be sent to the email address of the user. The key is required in each interaction to have access to the different API actions.

As of FortiAuthenticator 6.2.0, the API key for admin users can be viewed and copied from the GUI and/or emailed to the user email address.
Upon enabling 'Web Service Access', these options will become visible.
If the key is lost, disable 'Web service access' and then enable it again to generate and send a new key. The old key will become invalid.