POST
Pre-authentication URI:
• /api/v1/auth/preview
Input fields:
Field Name | Type | Required | Description |
---|---|---|---|
realm | string | No | The realm name, which can be up to 80 characters in length. |
realm_id | string | No | The realm ID. |
sn | string | No | The device's serial number. |
vdom | string | No | The auth client’s vdom. |
username | string | Yes | The username, which can be up to 80 characters in length. |
case_accent_sensitive | boolean | No | Whether the username is case-sensitive. |
auth_method | string | No | The authentication method can be one of the following: |
user_ip | string | No | The user's IP address. |
location | string | No | The user's location. |
Successful response fields:
Field name | Type | Description |
---|---|---|
auth_method | string | The authentication method, which can be one of the following: |
action | string | The action for this authentication. Can be one of the following: |
temp_token | boolean | Whether there is a temp token available for the user. If there is a temp token, the auth_method in response will indicate the original auth method. |
push_enabled | boolean | Whether push is enabled for this user. This field will be added if the action is ‘MFA’ and auth_method is ‘FTM’. |
message | boolean | Error message on why the action is ‘Block’. |
Response codes:
Code | Response content | Description |
---|---|---|
200 OK | Successful content as above | Regular preview auth request. |
400 Bad Request | | |
402 Payment Required | | |
Example request body:
{ "username":"abc", "realm":"root", "location":"US", "user_ip":"10.160.x.x" }
Example of successful response body:
{ "auth_method":"FTM", "action":"MFA", "push_enabled":true }
Authentication URI:
• /api/v1/auth
Input fields:
Field Name | Type | Required | Description |
---|---|---|---|
realm | string | No | The realm name, which can be up to 80 characters in length. |
realm_id | string | No | The realm ID. |
sn | string | No | The device's serial number. |
vdom | string | No | The auth client’s vdom. |
username | string | Yes | The username, which can be up to 80 characters in length. |
token | string | No | The one-time password. |
case_accent_sensitive | boolean | No | Whether the username is case-sensitive. |
auth_method | string | No | The authentication method can be one of the following: |
user_ip | string | No | The user's IP address. |
location | string | No | The user's location. |
account | string | No | The account name of the application server. |
user_agent | string | No | The user agent. |
token_selection | string | No | Indicates which token/auth_method to use, original token or temporary token: |
Successful response fields:
Field name | Type | Description |
---|---|---|
authid | string | The auth ID. |
Response codes:
Code | Response content | Description |
---|---|---|
200 OK | Regular auth request, request with a token code. | |
201 OK | | Push authentication, auth method is FTM and request without token code. |
202 OK | | Client is requesting FTC to send an OTP to a user based on the user's settings in FTC (either email or SMS), no token code. |
400 Bad Request | | |
402 Payment Required | The remaining SMS under the customer is not enough. | |
403 Forbidden | Rejected authentication for user. | The customer auth profile does not allow this specific action to use authentication service. Could be one of the following reasons: |
Example request body:
{ "token":"xxxxxx", "username":"abc", "realm":"root", "user_agent":"Mobile Safari", "location":"US", "user_ip":"10.160.x.x", "account":"Fortinet" }
Example of successful response body:
{ "authid":"12345678-abcd-efgh-1234-xxxxxxxxxxxx" }
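The following is an added example, not code from the original page or from the vendor: a client-side helper that builds the body for /api/v1/auth under the field limits listed above and classifies the reply so that only a 200 response to a request that carried a token code counts as a completed login. The function names are hypothetical, and treating 201 and 202 as "second factor still outstanding" is an assumption drawn from their descriptions in the response code table.

```python
import json

MAX_NAME_LEN = 80  # limit the page states for username and realm
OPTIONAL_FIELDS = ("realm", "realm_id", "sn", "vdom", "token",
                   "case_accent_sensitive", "auth_method", "user_ip",
                   "location", "account", "user_agent", "token_selection")


def build_auth_body(username, **optional):
    """Return the JSON body for POST /api/v1/auth, rejecting bad input early."""
    if not isinstance(username, str) or not username:
        raise ValueError("username is required")
    if len(username) > MAX_NAME_LEN:
        raise ValueError("username exceeds 80 characters")
    unknown = set(optional) - set(OPTIONAL_FIELDS)
    if unknown:
        raise ValueError(f"unknown field(s): {sorted(unknown)}")
    realm = optional.get("realm")
    if realm is not None and len(realm) > MAX_NAME_LEN:
        raise ValueError("realm exceeds 80 characters")
    body = {"username": username}
    # Optional fields left as None are omitted rather than sent as null.
    body.update({k: v for k, v in optional.items() if v is not None})
    return json.dumps(body)


def classify_auth_response(status, raw_body, token_sent):
    """Map an HTTP status and body to 'allow', 'pending' or 'deny'.

    Assumption of this example: 201/202 mean a push or OTP was issued and
    the user has not yet been verified, so they never grant access.
    """
    if status == 200 and token_sent:
        try:
            body = json.loads(raw_body)
        except (TypeError, ValueError):
            return "deny"                 # unparseable reply: fail closed
        authid = body.get("authid") if isinstance(body, dict) else None
        return "allow" if isinstance(authid, str) and authid else "deny"
    if status in (201, 202) and not token_sent:
        return "pending"                  # second factor still outstanding
    return "deny"                         # 400/402/403 or a status mismatch
```

A caller that treats any 2xx status as success would admit a user whose push or OTP was only issued, which is why the classification keys on the exact status and on whether a token code was sent.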