Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

REST API Solution Guide

RADIUS users (/radiususers/)

URL:  https://[server_name]/api/v1/radiususers/

This endpoint represents imported remote RADIUS user resource.

Supported fields

Field Display name Type Required

Read Only

Other restrictions
username Username string Yes

Yes

 
server_name Server name string Yes, if creating user

Yes

 
server_address Server address string Yes, if creating user

Yes

 
email E-mail address string No

 

Must be a valid e-mail address
active Account Status boolean No

 

 

reason

Disable reason

interger

No

 

Default is 0. One of 0 (manually disabled), 1 (account inactivity), 2 (too many failed attempts), 3 (account expiry), 4 (password expiry), 5 (FTM activation expiry), 6 (revoked token), 7 (usage limit exceeded), or 8 (pending administrator approval).

mobile_number Mobile number string No

 

max length = 25, must follow international number format: +[country_code]-[number]
token_auth Token Auth boolean No

 

Whether second factor authentication should be enabled. If true, token_type is required.
token_type Token Type string No

 

One of ftk, ftm, ftc, email, sms, or dual. If email is chosen, email is required. If SMS is chosen, mobile_number is required. Both are required if dual is selected.
token_serial Token Serial string No

 

If token_type is ftm, or ftk, and this is not present or blank, the next available token will be assigned.
ftm_act_method FTM Activation Delivery Method string No

 

One of email or sms. If email is chosen, email is required. If SMS is chosen, mobile_number is required.

fido

FIDO

boolean

No

No

Default is disabled.

Allowed methods

HTTP method Resource URI Action
GET /api/v1/radiususers/ Get all non-admin RADIUS users
GET /api/v1/radiususers/[id]/ Get a specific non-admin RADIUS user
POST /api/v1/radiususers/[id]/sendoobtoken/ Create a new RADIUS user
POST /api/v1/radiususers/[id]/sendoobtoken/ Send an out-of-band token code (email/SMS token) to a RADIUS user
PATCH /api/v1/radiususers/[id]/ Update specified fields for a specific RADIUS user with ID id
DELETE /api/v1/radiususers/[id]/ Delete a RADIUS user

Allowed filters

Field Lookup expressions Values
username exact, iexact, contains, icontains, in  
email exact, iexact, contains, icontains, in  
active exact  
server_name exact, iexact, contains, icontains  
server_address exact, iexact, contains, icontains  
token_type   ftk, ftm, ftc, email, sms
token_serial exact, iexact  

Third-party integration: FTM provisioning

This resource allows for FTM provisioning in the same manner specified above for remote LDAP users.

RADIUS users (/radiususers/)

URL:  https://[server_name]/api/v1/radiususers/

This endpoint represents imported remote RADIUS user resource.

Supported fields

Field Display name Type Required

Read Only

Other restrictions
username Username string Yes

Yes

 
server_name Server name string Yes, if creating user

Yes

 
server_address Server address string Yes, if creating user

Yes

 
email E-mail address string No

 

Must be a valid e-mail address
active Account Status boolean No

 

 

reason

Disable reason

interger

No

 

Default is 0. One of 0 (manually disabled), 1 (account inactivity), 2 (too many failed attempts), 3 (account expiry), 4 (password expiry), 5 (FTM activation expiry), 6 (revoked token), 7 (usage limit exceeded), or 8 (pending administrator approval).

mobile_number Mobile number string No

 

max length = 25, must follow international number format: +[country_code]-[number]
token_auth Token Auth boolean No

 

Whether second factor authentication should be enabled. If true, token_type is required.
token_type Token Type string No

 

One of ftk, ftm, ftc, email, sms, or dual. If email is chosen, email is required. If SMS is chosen, mobile_number is required. Both are required if dual is selected.
token_serial Token Serial string No

 

If token_type is ftm, or ftk, and this is not present or blank, the next available token will be assigned.
ftm_act_method FTM Activation Delivery Method string No

 

One of email or sms. If email is chosen, email is required. If SMS is chosen, mobile_number is required.

fido

FIDO

boolean

No

No

Default is disabled.

Allowed methods

HTTP method Resource URI Action
GET /api/v1/radiususers/ Get all non-admin RADIUS users
GET /api/v1/radiususers/[id]/ Get a specific non-admin RADIUS user
POST /api/v1/radiususers/[id]/sendoobtoken/ Create a new RADIUS user
POST /api/v1/radiususers/[id]/sendoobtoken/ Send an out-of-band token code (email/SMS token) to a RADIUS user
PATCH /api/v1/radiususers/[id]/ Update specified fields for a specific RADIUS user with ID id
DELETE /api/v1/radiususers/[id]/ Delete a RADIUS user

Allowed filters

Field Lookup expressions Values
username exact, iexact, contains, icontains, in  
email exact, iexact, contains, icontains, in  
active exact  
server_name exact, iexact, contains, icontains  
server_address exact, iexact, contains, icontains  
token_type   ftk, ftm, ftc, email, sms
token_serial exact, iexact  

Third-party integration: FTM provisioning

This resource allows for FTM provisioning in the same manner specified above for remote LDAP users.