The FortiAuthenticator API is accessible without additional cost or licensing. The server however is disabled by default and needs to be configured.
To access the API, a user must be granted administrator rights and web service access. A valid e-mail address is also required as the API challenge key will be emailed to the user.
To enable the API, create a new user or edit an existing one and specify the following:
- Under User Role, select Administrator.
- Enable Web service access.
- Under User Information, enter a valid email address.
Note: Ensure email routing is working beforehand as the API Key will be forwarded to this address.
- Click OK to save the details.
The API Web Service Access Key used to authenticate to the API is emailed to the user.
- Make a note of the API Web Service Access Key.
|Should the API Web Service Access Key be lost, access can be recovered by disabling the Web Service feature for the user, saving and then re-enabling the feature. A new key will be generated (and all code using it will need to be updated with the new credentials).|