Fortinet black logo

REST API Solution Guide

Initializing the REST API

Initializing the REST API

The FortiAuthenticator API is accessible without additional cost or licensing, however, the server is disabled by default and needs to be configured.

To access the API, a user must be granted administrator rights and web service access. A valid e-mail address is also required as the API challenge key will be emailed to the user.

To enable the API, create a new user or edit an existing one and specify the following:

  1. Under User Role, select Administrator.
  2. Enable Web service access.
  3. Under User Information, enter a valid email address.
    Note: Ensure email routing is working beforehand as the API Key will be forwarded to this address.
  4. Click OK to save the details.
    The API Web Service Access Key used to authenticate to the API is emailed to the user.
  5. Make a note of the API Web Service Access Key.

Should the API Web Service Access Key be lost, access can be recovered by disabling the Web Service feature for the user, saving and then re-enabling the feature. A new key will be generated (and all code using it will need to be updated with the new credentials).

Initializing the REST API

The FortiAuthenticator API is accessible without additional cost or licensing, however, the server is disabled by default and needs to be configured.

To access the API, a user must be granted administrator rights and web service access. A valid e-mail address is also required as the API challenge key will be emailed to the user.

To enable the API, create a new user or edit an existing one and specify the following:

  1. Under User Role, select Administrator.
  2. Enable Web service access.
  3. Under User Information, enter a valid email address.
    Note: Ensure email routing is working beforehand as the API Key will be forwarded to this address.
  4. Click OK to save the details.
    The API Web Service Access Key used to authenticate to the API is emailed to the user.
  5. Make a note of the API Web Service Access Key.

Should the API Web Service Access Key be lost, access can be recovered by disabling the Web Service feature for the user, saving and then re-enabling the feature. A new key will be generated (and all code using it will need to be updated with the new credentials).