Adding API users
API users can access FortiCloud services, including FortiAnalyzer Cloud, through the API.
In order to send API requests to FortiAnalyzer Cloud, you must first obtain an access token from FortiCloud using OAuth 2.0. You can use the access token to generate a session ID which is required to send an JSON API request to FortiAnalyzer.
To use the FortiAnalyzer Cloud API:
-
Create an API user in FortiCloud and download your API credentials. See Adding an API user in the FortiCloud Account Services documentation for instructions on how to add API users.
-
Obtain an access token from FortiCloud using your credentials. See Accessing FortiAPIs - Authentication and authorization for information on authentication and authorization for FortiAPIs.
-
Use the access token to get a FortiAnalyzer Cloud API session ID using the
https://<FortiAnalyzer_cloud_url>/p/forticloud_jsonrpc_login/endpoint.HTTP Method POST Endpoint https://<FortiAnalyzer_cloud_url>/p/forticloud_jsonrpc_login/Request Body { "access_token": "<access token obtained in step 2>" }Response example
{ "session": "ykF3W6G8CfZv+xecsZBC00n6P0TEbsO*****" } -
Send API requests to the
https://<FortiAnalyzer_cloud_url>/jsonrpcendpoint with the session included in the body.For example:
HTTP Method POST Endpoint https://<FortiAnalyzer_cloud_url>/jsonrpcRequest Body { "method": "get", "params": [ { "url": "/sys/status" } ], "id": 1, "verbose": 1, "session": "ykF3W6G8CfZv+xecsZBC00n6P0TEbsO*****", }
|
The FortiAnalyzer Cloud API uses session-based authentication. The number of simultaneous API sessions allowed for an API user is controlled by the user's max login setting. By default, this setting is set to 20. config system admin user edit <user> set login-max 20 |