Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiFlex 24.4.0 Administration Guide
    24.4.0
    24.4.0
    24.3.1
    24.3.0
    24.2.1
    24.2.0
    24.1.1
    24.1.0
    23.4.1
    23.4.0
    23.3.0
    23.2.1
    23.2.0
    23.1.0
    22.4.0
    1.0.0

    FortiFlex API

    FortiFlex API

    Instead of making changes to your FortiFlex objects in the FortiCloud portal, you can automate tasks, such as creating VMs and entitlements, with an API when integrating with cloud orchestration platforms.

    Note

    FortiFlex API information can also be found on the Fortinet Developer Network along with sample Python script.

    When implementing the FortiFlex API, you can follow this general process:

    1. Create an API user.

    2. Acquire the API token.

    3. Run API calls against the FortiFlex portal to view, create, or modify objects.

    Note

    Before you begin, ensure that you have a FortiCloud account and have FortiFlex activated.
    To create an API user:

    1. Go to https://support.fortinet.com.

    2. Go to Services > IAM.

    3. Create an active permission profile that includes the FortiFlex portal. See Creating a permission profile in the Identity & Access Management (IAM) guide.

      Note

      Actions that involve changing or creating data, such as creating a new configuration or updating a VM, will require read and write permissions or above.

    4. Create an API user with the permission profile from the previous step applied. See Adding an API user in the Identity & Access Management (IAM) guide.

    5. Click Download Credentials and set a password. A CSV file with the API user's credentials is downloaded that can only be opened with the password. See Adding an API user in the Identity & Access Management (IAM) guide.

      Note

      Downloading API user credentials will reset the user's security credentials each time you perform this action. Any previous password will become invalid.
    To acquire the API token:

    1. Open the Postman app.

      Note

      The Postman API Toolkit can be found at https://www.postman.com. FortiFlex Postman collections can also be found on GitHub.

    2. Click Create a request.

    3. Enter the following information:

      Method POST
      URL https://customerapiauth.fortinet.com/api/v1/oauth/token/

    4. Click Body.

    5. Select raw and JSON.

    6. Enter the following content:

      {
    "username":"<username of your API user>",
    "password":"<password of your API user>",
    "client_id":"flexvm",
    "grant_type":"password"
}

    7. Click Send. If authentication is successful, you should receive a 200 response code with the following information:

      • access_token: The API token that will be used to run API calls against the FortiFlex portal.

      • expires_in: The token expiration time in seconds. The default value is 1440 seconds.

    8. Copy the access_token value.

    To run API calls:

    1. Click on the + to open a new tab in the Postman app.

    2. Click Authorization.

    3. Set Type to Bearer Token.

    4. Paste the access_token value in the Token field.

    Note

    The URL for the API calls is https://support.fortinet.com.
    Previous
    Next

    FortiFlex API

    FortiFlex API

    Instead of making changes to your FortiFlex objects in the FortiCloud portal, you can automate tasks, such as creating VMs and entitlements, with an API when integrating with cloud orchestration platforms.

    Note

    FortiFlex API information can also be found on the Fortinet Developer Network along with sample Python script.

    When implementing the FortiFlex API, you can follow this general process:

    1. Create an API user.

    2. Acquire the API token.

    3. Run API calls against the FortiFlex portal to view, create, or modify objects.

    Note

    Before you begin, ensure that you have a FortiCloud account and have FortiFlex activated.
    To create an API user:

    1. Go to https://support.fortinet.com.

    2. Go to Services > IAM.

    3. Create an active permission profile that includes the FortiFlex portal. See Creating a permission profile in the Identity & Access Management (IAM) guide.

      Note

      Actions that involve changing or creating data, such as creating a new configuration or updating a VM, will require read and write permissions or above.

    4. Create an API user with the permission profile from the previous step applied. See Adding an API user in the Identity & Access Management (IAM) guide.

    5. Click Download Credentials and set a password. A CSV file with the API user's credentials is downloaded that can only be opened with the password. See Adding an API user in the Identity & Access Management (IAM) guide.

      Note

      Downloading API user credentials will reset the user's security credentials each time you perform this action. Any previous password will become invalid.
    To acquire the API token:

    1. Open the Postman app.

      Note

      The Postman API Toolkit can be found at https://www.postman.com. FortiFlex Postman collections can also be found on GitHub.

    2. Click Create a request.

    3. Enter the following information:

      Method POST
      URL https://customerapiauth.fortinet.com/api/v1/oauth/token/

    4. Click Body.

    5. Select raw and JSON.

    6. Enter the following content:

      {
    "username":"<username of your API user>",
    "password":"<password of your API user>",
    "client_id":"flexvm",
    "grant_type":"password"
}

    7. Click Send. If authentication is successful, you should receive a 200 response code with the following information:

      • access_token: The API token that will be used to run API calls against the FortiFlex portal.

      • expires_in: The token expiration time in seconds. The default value is 1440 seconds.

    8. Copy the access_token value.

    To run API calls:

    1. Click on the + to open a new tab in the Postman app.

    2. Click Authorization.

    3. Set Type to Bearer Token.

    4. Paste the access_token value in the Token field.

    Note

    The URL for the API calls is https://support.fortinet.com.
    Previous
    Next