Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
cserna_FTNT
Staff
Staff

Created on ‎09-05-2017 08:17 PM Edited on ‎12-28-2023 10:59 AM By Moderator

Article Id 191521

Technical Tip: Enable FortiAuthenticator Rest API

Description

 
This article describes how to enable the REST API for FortiAuthenticator.

 

Scope

 

FortiAuthenticator v6.2.0 and above.


Solution

 

An API (Application Programming Interface) is a set of defined interfaces to perform certain tasks. Consuming information from FortiAuthenticator is one example: such as using it to get, create and modify information related users, attributes and other related data.

FortiAuthenticator provides a REST (Representational State Transfer) API for interaction with components of the system. External programs interact with the REST API over HTTP protocol. After receiving the request, the FortiAuthenticator API sends back an HTTP response code.

 

To enable the API, log in as a user with administrator rights and select Web Service Access. An email address is required since the key for API access will be sent to the email address of the user. The key is required in each interaction to have access to the different API actions.

As of FortiAuthenticator 6.2.0, the API key for admin users can be viewed and copied from the GUI and/or emailed to the user email address.
Upon enabling 'Web Service Access', these options will become visible.
 
If the key is lost, disable 'Web service access' and then enable it again to generate and send a new key. The old key will become invalid.
 
When using curl commands, it is recommended to provide the administrator username and password. In this case, the password would be the API admin key.
 
For example: for a command to list local users on FortiAuthenticator, the administrator's username is 'admin' and the password is the API key obtained in the prior steps.
 
curl -k -v -u "admin:password" https://x.x.x.x/api/v1/localusers/?format=json
 
For example:
 
curl -k -v -u "apiadmin:ytYq8QwNPhpNlPJqAPIeGVBB0xQsFkaau80WW4Xy" https://192.168.1.100/api/v1/localusers/?format=json
 
1648
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.