POST

POST

Pre-authentication URI:

/api/v1/auth/preview

Input fields:

Field Name	Type	Required	Description
realm	string	No	The realm name, which can be up to 80 characters in length.
realm_id	string	No	The realm ID.
username	string	Yes	The username, which can be up to 80 characters in length.
case_accent_sensitive	boolean	No	Whether the username is case-sensitive.
auth_method	string	No	The authentication method can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
user_ip	string	No	The user's IP address.
location	string	No	The user's location.

Successful response fields:

Field name	Type	Description
auth_method	string	The authentication method, which can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
action	string	The action for this authentication. Can be one of the following: ‘Bypass’ ‘MFA’ ‘Block’
temp_token	boolean	Whether there is a temp token available for the user. If there is a temp token, the auth_method in response will indicate the original auth method.
push_enabled	boolean	Whether push is enabled for this user. This field will be added if the action is ‘MFA’ and auth_method is ‘FTM’.
message	boolean	Error message on why the action is ‘Block’.

Response codes:

Code	Response content	Description
200 OK	Successful content as above	Regular preview auth request.
400 Bad Request	application not found. Realm not assigned. User not found. No token or token was not activated.
402 Payment Required	Account was disabled. The remaining SMS under customer is not enough.

Example request body:

{ 
   "username":"abc", 
   "realm":"root", 
   "location":"US", 
   "user_ip":"10.160.x.x" 
}

Example of successful response body:

{ 
   "auth_method":"FTM", 
   "action":"MFA", 
   "push_enabled":True 
}

Authentication URI:

• /api/v1/auth

Input fields:

Field Name	Type	Required	Description
realm	string	No	The realm name, which can be up to 80 characters in length.
realm_id	string	No	The realm ID.
username	string	Yes	The username, which can be up to 80 characters in length.
token	string	No	The one-time password
case_accent_sensitive	boolean	No	Whether the username is case-sensitive.
auth_method	string	No	The authentication method can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
user_ip	string	No	The user's IP address.
location	string	No	The user's location.
account	string	No	The account name of the application server.
user_agent	string	No	The user agent.
token_selection	string	No	Indicates which token/auth_method to use, original token or temporary token: ‘regular’—user regular token only ‘temp’—use temp token only ‘all’—try all the tokens

Successful response fields:

Field name	Type	Description
authid	string	The auth ID

Response codes:

Code	Response content	Description
200 OK		Regular auth request, request with a token code.
201 OK		Push authentication, auth method is FTM and request without token code.
202 OK		Client is requesting FIC to send an OTP to a user based on the user's settings in FIC (either email or SMS), no token code.
400 Bad Request	No token was assigned to or activated by user. The application version doesn’t support authentication. Failed to send verification code to user (by SMS) due to not enough balance User does not exist.
402 Payment Required	The remaining SMS under the customer is not enough.
403 Forbidden	Rejected authentication for user.	The customer auth profile does not allow this specific action to use authentication service. Could be one of the following reasons: Location IP is forbidden. User is disabled/locked out/ bypassed OTP verification failed for user

Example request body:

{ 
   "token":"xxxxxx", 
   "username":"abc", 
   "realm":"root", 
   "user_agent":"Mobile Safari", 
   "location":"US", 
   "user_ip":"10.160.x.x", 
   "account":"Fortinet" 
}

Example of successful response body:

{ 
   "authid":"12345678-abcd-efgh-1234-xxxxxxxxxxxx" 
}

POST

Pre-authentication URI:

/api/v1/auth/preview

Input fields:

Field Name	Type	Required	Description
realm	string	No	The realm name, which can be up to 80 characters in length.
realm_id	string	No	The realm ID.
username	string	Yes	The username, which can be up to 80 characters in length.
case_accent_sensitive	boolean	No	Whether the username is case-sensitive.
auth_method	string	No	The authentication method can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
user_ip	string	No	The user's IP address.
location	string	No	The user's location.

Successful response fields:

Field name	Type	Description
auth_method	string	The authentication method, which can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
action	string	The action for this authentication. Can be one of the following: ‘Bypass’ ‘MFA’ ‘Block’
temp_token	boolean	Whether there is a temp token available for the user. If there is a temp token, the auth_method in response will indicate the original auth method.
push_enabled	boolean	Whether push is enabled for this user. This field will be added if the action is ‘MFA’ and auth_method is ‘FTM’.
message	boolean	Error message on why the action is ‘Block’.

Response codes:

Code	Response content	Description
200 OK	Successful content as above	Regular preview auth request.
400 Bad Request	application not found. Realm not assigned. User not found. No token or token was not activated.
402 Payment Required	Account was disabled. The remaining SMS under customer is not enough.

Example request body:

{ 
   "username":"abc", 
   "realm":"root", 
   "location":"US", 
   "user_ip":"10.160.x.x" 
}

Example of successful response body:

{ 
   "auth_method":"FTM", 
   "action":"MFA", 
   "push_enabled":True 
}

Authentication URI:

• /api/v1/auth

Input fields:

Field Name	Type	Required	Description
realm	string	No	The realm name, which can be up to 80 characters in length.
realm_id	string	No	The realm ID.
username	string	Yes	The username, which can be up to 80 characters in length.
token	string	No	The one-time password
case_accent_sensitive	boolean	No	Whether the username is case-sensitive.
auth_method	string	No	The authentication method can be one of the following: ‘FTM’ ‘Email’ ‘SMS’ ‘FTK’
user_ip	string	No	The user's IP address.
location	string	No	The user's location.
account	string	No	The account name of the application server.
user_agent	string	No	The user agent.
token_selection	string	No	Indicates which token/auth_method to use, original token or temporary token: ‘regular’—user regular token only ‘temp’—use temp token only ‘all’—try all the tokens

Successful response fields:

Field name	Type	Description
authid	string	The auth ID

Response codes:

Code	Response content	Description
200 OK		Regular auth request, request with a token code.
201 OK		Push authentication, auth method is FTM and request without token code.
202 OK		Client is requesting FIC to send an OTP to a user based on the user's settings in FIC (either email or SMS), no token code.
400 Bad Request	No token was assigned to or activated by user. The application version doesn’t support authentication. Failed to send verification code to user (by SMS) due to not enough balance User does not exist.
402 Payment Required	The remaining SMS under the customer is not enough.
403 Forbidden	Rejected authentication for user.	The customer auth profile does not allow this specific action to use authentication service. Could be one of the following reasons: Location IP is forbidden. User is disabled/locked out/ bypassed OTP verification failed for user

Example request body:

{ 
   "token":"xxxxxx", 
   "username":"abc", 
   "realm":"root", 
   "user_agent":"Mobile Safari", 
   "location":"US", 
   "user_ip":"10.160.x.x", 
   "account":"Fortinet" 
}

Example of successful response body:

{ 
   "authid":"12345678-abcd-efgh-1234-xxxxxxxxxxxx" 
}

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

Web Application / API Protection

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

All Products

REST API

POST

Pre-authentication URI:

Input fields:

Successful response fields:

Response codes:

Example request body:

Example of successful response body:

Authentication URI:

Input fields:

Successful response fields: