Fortinet black logo

FortiAuthenticator configuration

Copy Link
Copy Doc ID bb02bb94-dbf0-11ea-96b9-00505692583a:167227
Download PDF

FortiAuthenticator configuration

To enhance the Microsoft Windows operating system login with the use of a OTP (i.e. the two-factor authentication token), FortiAuthenticator Agent for Microsoft Windows uses the FortiAuthenticator REST API. To use the REST API, a key is required which must be generated before installing the desktop agent software.

Note

REST API admin access must be enabled on the FortiAuthenticator interface. To enable REST API on an interface, go to System > Network > Interfaces, edit the interface, and enable the REST API (/api) option.

Generating an API key requires a working email configuration. Before proceeding, configure and test an email server in System > Messages > SMTP Servers and set it as active in System > Messages > Email Services.

To generate an API key:
  1. Log into FortiAuthenticator.
  2. Edit the admin user in Authentication > Local User Management > Local Users and enable Web Service Access in the Role section. Click OK and an email containing the API Key for that user will be sent.

    The required users should be imported via LDAP and assigned a FortiToken with which to authenticate before proceeding.

FortiAuthenticator configuration

To enhance the Microsoft Windows operating system login with the use of a OTP (i.e. the two-factor authentication token), FortiAuthenticator Agent for Microsoft Windows uses the FortiAuthenticator REST API. To use the REST API, a key is required which must be generated before installing the desktop agent software.

Note

REST API admin access must be enabled on the FortiAuthenticator interface. To enable REST API on an interface, go to System > Network > Interfaces, edit the interface, and enable the REST API (/api) option.

Generating an API key requires a working email configuration. Before proceeding, configure and test an email server in System > Messages > SMTP Servers and set it as active in System > Messages > Email Services.

To generate an API key:
  1. Log into FortiAuthenticator.
  2. Edit the admin user in Authentication > Local User Management > Local Users and enable Web Service Access in the Role section. Click OK and an email containing the API Key for that user will be sent.

    The required users should be imported via LDAP and assigned a FortiToken with which to authenticate before proceeding.