Fortinet black logo

Handbook

Home FortiADC 7.4.2 Handbook
7.4.2
7.4.3
7.4.2
7.4.1
7.4.0
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.6
6.1.5
6.1.4
6.1.3
6.1.2
6.1.1
6.1.0
6.0.1
6.0.0
5.4.3
5.4.2
5.4.1
5.4.0
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.1
5.3.0
5.2.7

API Discovery

API Discovery

Under the API Protection sub-menu, the API Discovery page contains the features that allow you to protect your application against malicious APIs through discovered API endpoints.

Through API Discovery policies, FortiADC is enabled to automatically discover external API endpoints from HTTP/HTTPS requests and responses that have passed through API validity checks, wherein the API is parsed for information including the Host, Paths, parameters and their schemas from query requests or entity bodies, as well as classify parameters that match PII (Personal Identifiable Information) signatures. API Discovery also supports manually imported OAS files compliant with OpenAPI 3.0 and Swagger 2.0 standard to parse and discover as internal API endpoints that can also be matched by incoming API requests or responses.

This section includes the following:

Previous
Next

API Discovery

Under the API Protection sub-menu, the API Discovery page contains the features that allow you to protect your application against malicious APIs through discovered API endpoints.

Through API Discovery policies, FortiADC is enabled to automatically discover external API endpoints from HTTP/HTTPS requests and responses that have passed through API validity checks, wherein the API is parsed for information including the Host, Paths, parameters and their schemas from query requests or entity bodies, as well as classify parameters that match PII (Personal Identifiable Information) signatures. API Discovery also supports manually imported OAS files compliant with OpenAPI 3.0 and Swagger 2.0 standard to parse and discover as internal API endpoints that can also be matched by incoming API requests or responses.

This section includes the following:

Previous
Next