Fortinet black logo

Handbook

Home FortiGSLB Handbook

Enabling RESTful API

Enabling RESTful API

From Release 23.4, FortiGSLB Cloud offers comprehensive RestAPI support, enabling developers to access and modify settings with ease. For API documentation, see the FortiGSLB RESTful API Reference.

The FortiGSLB Cloud RESTful API requires API key authorization, which can be generated directly from the GUI. The API key’s permissions are bound to the user who created it.

Generating API Key
  1. Log into your FortiGSLB Cloud account through the Web UI.
  2. Go to Account Information.
  3. Locate API Key.
  4. Click Create. This will generate an API key ID and API key secret.

You only have one chance to view the API key secret, so make sure you save it in a secure location. The key secret will not be stored at the back-end server.

In the API Key table, you can see the API key ID, creation and last usage timestamps, as well as its active or deactivated status. If you encounter any security issues with the key, you have the option to deactivate it. Please note that if your API Key is leaked, we might deactivate it as a precautionary measure. Each user is limited to creating only one API key at a time. If needed, you can delete an existing API key before generating a new one.

When using this API key, just put it in the HTTP authentication header as below:

authentication: Basic <api-key-secret>

Please note, exceeding the limit of failed attempts (3 times) will result in a 30-minute cool down period for further requests. Failed attempts can accumulate due to the following four scenarios:

  1. Cannot find the corresponding user on FortiCloud.

  2. The API key is illegal.

  3. Do not have any valid licenses.

  4. Using a deactivated API key.

We have implemented rate limiting, allowing a maximum of 200 requests per minute. This limit applies to both IP addresses and API keys.

Previous
Next

Enabling RESTful API

From Release 23.4, FortiGSLB Cloud offers comprehensive RestAPI support, enabling developers to access and modify settings with ease. For API documentation, see the FortiGSLB RESTful API Reference.

The FortiGSLB Cloud RESTful API requires API key authorization, which can be generated directly from the GUI. The API key’s permissions are bound to the user who created it.

Generating API Key
  1. Log into your FortiGSLB Cloud account through the Web UI.
  2. Go to Account Information.
  3. Locate API Key.
  4. Click Create. This will generate an API key ID and API key secret.

You only have one chance to view the API key secret, so make sure you save it in a secure location. The key secret will not be stored at the back-end server.

In the API Key table, you can see the API key ID, creation and last usage timestamps, as well as its active or deactivated status. If you encounter any security issues with the key, you have the option to deactivate it. Please note that if your API Key is leaked, we might deactivate it as a precautionary measure. Each user is limited to creating only one API key at a time. If needed, you can delete an existing API key before generating a new one.

When using this API key, just put it in the HTTP authentication header as below:

authentication: Basic <api-key-secret>

Please note, exceeding the limit of failed attempts (3 times) will result in a 30-minute cool down period for further requests. Failed attempts can accumulate due to the following four scenarios:

  1. Cannot find the corresponding user on FortiCloud.

  2. The API key is illegal.

  3. Do not have any valid licenses.

  4. Using a deactivated API key.

We have implemented rate limiting, allowing a maximum of 200 requests per minute. This limit applies to both IP addresses and API keys.

Previous
Next