Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.b
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home 26.1.b Administration Guide

    API access keys

    API access keys

    FortiEndpoint supports an option for the administrator to define an access code to identify an instance. A Fabric device can establish connection to a FortiEndpoint instance by providing one of the following in the SNI:

    • FortiCloud account ID. The connection succeeds if the FortiCloud account has only one FortiEndpoint instance and there is no organizational unit structure.
    • FortiCloud account ID and FortiEndpoint access key

    This feature supports the following key types:

    • EMS API access key. Only a primary account can create EMS API access keys. These keys do not expire.
    • FortiGate access key. This feature requires FortiOS 7.4.4 or later.
    To create an EMS API access key:
    1. In FortiEndpoint, go to Access Key > EMS API Access.
    2. Click Create New Key.
    3. In the Name field, enter a unique name, then click OK.
    4. Once the key is created, copy it to a safe location, as it does not display again after you close the dialog. Click Close.

    5. The EMS API keys display in the EMS API Access table. Note that the key ID is not the same as the generated API key that you copied in step 4. To view information about the keys, click How to Use this Key.
    To create a FortiGate access key:
    1. In FortiEndpoint, go to Access Key > FortiGate Access Key.
    2. Click Create New Key.
    3. In the Name field, enter a unique name, then click OK.
    4. Once the key is created, copy it to a safe location, as it does not display again after you close the dialog. Click Close.

    5. The FortiGate keys display in the FortiGate Access Key table. Note that the key ID is not the same as the generated API key that you copied in step 4. To view information about the keys, click How to Use this Key.

    6. On the FortiGate, configure the key on the EMS Fabric connector:
      config endpoint-control fctems
						edit 1
						set status enable
						set name "ems-cloud"
						set fortinetone-cloud-authentication enable
						set cloud-authentication-access-key "<FortiGate key>"
						next
			end
    7. In EMS, authorize the FortiGate to complete the connection. Standalone FortiGates or separate virtual domains from the same FortiGate can establish Fabric connection with FortiEndpoint.
    Previous
    Next

    API access keys

    API access keys

    FortiEndpoint supports an option for the administrator to define an access code to identify an instance. A Fabric device can establish connection to a FortiEndpoint instance by providing one of the following in the SNI:

    • FortiCloud account ID. The connection succeeds if the FortiCloud account has only one FortiEndpoint instance and there is no organizational unit structure.
    • FortiCloud account ID and FortiEndpoint access key

    This feature supports the following key types:

    • EMS API access key. Only a primary account can create EMS API access keys. These keys do not expire.
    • FortiGate access key. This feature requires FortiOS 7.4.4 or later.
    To create an EMS API access key:
    1. In FortiEndpoint, go to Access Key > EMS API Access.
    2. Click Create New Key.
    3. In the Name field, enter a unique name, then click OK.
    4. Once the key is created, copy it to a safe location, as it does not display again after you close the dialog. Click Close.

    5. The EMS API keys display in the EMS API Access table. Note that the key ID is not the same as the generated API key that you copied in step 4. To view information about the keys, click How to Use this Key.
    To create a FortiGate access key:
    1. In FortiEndpoint, go to Access Key > FortiGate Access Key.
    2. Click Create New Key.
    3. In the Name field, enter a unique name, then click OK.
    4. Once the key is created, copy it to a safe location, as it does not display again after you close the dialog. Click Close.

    5. The FortiGate keys display in the FortiGate Access Key table. Note that the key ID is not the same as the generated API key that you copied in step 4. To view information about the keys, click How to Use this Key.

    6. On the FortiGate, configure the key on the EMS Fabric connector:
      config endpoint-control fctems
						edit 1
						set status enable
						set name "ems-cloud"
						set fortinetone-cloud-authentication enable
						set cloud-authentication-access-key "<FortiGate key>"
						next
			end
    7. In EMS, authorize the FortiGate to complete the connection. Standalone FortiGates or separate virtual domains from the same FortiGate can establish Fabric connection with FortiEndpoint.
    Previous
    Next