Fortinet black logo

REST API Solution Guide

Push authentication (/pushauth/)

Push authentication (/pushauth/)

URL: https://[server_name]/api/[api_version]/pushauth/

This endpoint is used to trigger a token code validation from a user's FTM app. The validation involves the use of a third-party's (e.g. Apple or Google) Push servers. This API is for use by third-party authentication system for verify login against FortiAuthenticator on their mobile devices.

note icon In order to use the Push authentication feature, please ensure the FTM version is newer than 4.0.

note icon If mobile devices and FortiAuthenticator are not in the same subnet, please configure the public IP/FQDN settings at System > Administration > System Access page to guarantee that FortiAuthenticator is reachable from FTM.

Supported fields

Field Display name Type Required Other restrictions
username User Name string Yes max length=50, unique
realm Realm string No One of the existing realm configured in FAC. Required if more than one user matches the username field.
user_ip User IP string No
timestamp Timestamp string No UTC format
account User account in third-party system string No
user_agent The end-user's software agent that triggered the push request string No
log_message Log information string No

Allowed methods

HTTP method Resource URI Action
POST /api/v1/pushauth/ Create and send a push message.

Response codes

In addition to the general codes defined in General API response codes, a POST request to this resource can also result in the following return codes:

Code Response content Description
200 OK User is successfully authenticated on their mobile devices.
401 Unauthorized User rejected the authentication request.
404 Not Found The given username does not exist in the system or there is no FortiToken Mobile assigned to the given user.
500 Internal Server Error Push server is refusing to send the push notification.
503 Service Unavailable Push server is unreachable.

Push authentication (/pushauth/)

URL: https://[server_name]/api/[api_version]/pushauth/

This endpoint is used to trigger a token code validation from a user's FTM app. The validation involves the use of a third-party's (e.g. Apple or Google) Push servers. This API is for use by third-party authentication system for verify login against FortiAuthenticator on their mobile devices.

note icon In order to use the Push authentication feature, please ensure the FTM version is newer than 4.0.

note icon If mobile devices and FortiAuthenticator are not in the same subnet, please configure the public IP/FQDN settings at System > Administration > System Access page to guarantee that FortiAuthenticator is reachable from FTM.

Supported fields

Field Display name Type Required Other restrictions
username User Name string Yes max length=50, unique
realm Realm string No One of the existing realm configured in FAC. Required if more than one user matches the username field.
user_ip User IP string No
timestamp Timestamp string No UTC format
account User account in third-party system string No
user_agent The end-user's software agent that triggered the push request string No
log_message Log information string No

Allowed methods

HTTP method Resource URI Action
POST /api/v1/pushauth/ Create and send a push message.

Response codes

In addition to the general codes defined in General API response codes, a POST request to this resource can also result in the following return codes:

Code Response content Description
200 OK User is successfully authenticated on their mobile devices.
401 Unauthorized User rejected the authentication request.
404 Not Found The given username does not exist in the system or there is no FortiToken Mobile assigned to the given user.
500 Internal Server Error Push server is refusing to send the push notification.
503 Service Unavailable Push server is unreachable.