Fortinet white logo
Fortinet white logo

Administration Guide

FortiFlex API

FortiFlex API

Instead of making changes to your FortiFlex objects in the FortiCloud portal, you can automate tasks, such as creating VMs and entitlements, with an API when integrating with cloud orchestration platforms.

Note

FortiFlex API information can also be found on the Fortinet Developer Network along with sample Python script.

When implementing the FortiFlex API, you can follow this general process:

  1. Create an API user.

  2. Acquire the API token.

  3. Run API calls against the FortiFlex portal to view, create, or modify objects.

Note

Before you begin, ensure that you have a FortiCloud account and have FortiFlex activated.

To create an API user:
  1. Go to https://support.fortinet.com.

  2. Go to Services > IAM.

  3. Create an active permission profile that includes the FortiFlex portal. See Creating a permission profile in the Identity & Access Management (IAM) guide.

    Note

    Actions that involve changing or creating data, such as creating a new configuration or updating a VM, will require read and write permissions or above.

  4. Create an API user with the permission profile from the previous step applied. See Adding an API user in the Identity & Access Management (IAM) guide.

  5. Click Download Credentials and set a password. A CSV file with the API user's credentials is downloaded that can only be opened with the password. See Adding an API user in the Identity & Access Management (IAM) guide.

    Note

    Downloading API user credentials will reset the user's security credentials each time you perform this action. Any previous password will become invalid.

To acquire the API token:
  1. Open the Postman app.

    Note

    The Postman API Toolkit can be found at https://www.postman.com. FortiFlex Postman collections can also be found on GitHub.

  2. Click Create a request.

  3. Enter the following information:

    Method POST
    URL https://customerapiauth.fortinet.com/api/v1/oauth/token
  4. Click Body.

  5. Select raw and JSON.

  6. Enter the following content:

    {
        "username":"<username of your API user>",
        "password":"<password of your API user>",
        "client_id":"flexvm",
        "grant_type":"password"
    }
  7. Click Send. If authentication is successful, you should receive a 200 response code with the following information:

    • access_token: The API token that will be used to run API calls against the FortiFlex portal.

    • expires_in: The token expiration time in seconds. The default value is 1440 seconds.

  8. Copy the access_token value.

To run API calls:
  1. Click on the + to open a new tab in the Postman app.

  2. Click Authorization.

  3. Set Type to Bearer Token.

  4. Paste the access_token value in the Token field.

Note

The URL for the API calls is https://support.fortinet.com.

FortiFlex API

FortiFlex API

Instead of making changes to your FortiFlex objects in the FortiCloud portal, you can automate tasks, such as creating VMs and entitlements, with an API when integrating with cloud orchestration platforms.

Note

FortiFlex API information can also be found on the Fortinet Developer Network along with sample Python script.

When implementing the FortiFlex API, you can follow this general process:

  1. Create an API user.

  2. Acquire the API token.

  3. Run API calls against the FortiFlex portal to view, create, or modify objects.

Note

Before you begin, ensure that you have a FortiCloud account and have FortiFlex activated.

To create an API user:
  1. Go to https://support.fortinet.com.

  2. Go to Services > IAM.

  3. Create an active permission profile that includes the FortiFlex portal. See Creating a permission profile in the Identity & Access Management (IAM) guide.

    Note

    Actions that involve changing or creating data, such as creating a new configuration or updating a VM, will require read and write permissions or above.

  4. Create an API user with the permission profile from the previous step applied. See Adding an API user in the Identity & Access Management (IAM) guide.

  5. Click Download Credentials and set a password. A CSV file with the API user's credentials is downloaded that can only be opened with the password. See Adding an API user in the Identity & Access Management (IAM) guide.

    Note

    Downloading API user credentials will reset the user's security credentials each time you perform this action. Any previous password will become invalid.

To acquire the API token:
  1. Open the Postman app.

    Note

    The Postman API Toolkit can be found at https://www.postman.com. FortiFlex Postman collections can also be found on GitHub.

  2. Click Create a request.

  3. Enter the following information:

    Method POST
    URL https://customerapiauth.fortinet.com/api/v1/oauth/token
  4. Click Body.

  5. Select raw and JSON.

  6. Enter the following content:

    {
        "username":"<username of your API user>",
        "password":"<password of your API user>",
        "client_id":"flexvm",
        "grant_type":"password"
    }
  7. Click Send. If authentication is successful, you should receive a 200 response code with the following information:

    • access_token: The API token that will be used to run API calls against the FortiFlex portal.

    • expires_in: The token expiration time in seconds. The default value is 1440 seconds.

  8. Copy the access_token value.

To run API calls:
  1. Click on the + to open a new tab in the Postman app.

  2. Click Authorization.

  3. Set Type to Bearer Token.

  4. Paste the access_token value in the Token field.

Note

The URL for the API calls is https://support.fortinet.com.