REST API for file upload
There are three steps to upload a file to FortiMail through the REST API:
- Require file uploading authorization token
- Upload local file with authorization token
- Apply uploaded file on resource
|
URL |
HTTP method |
Summary |
|---|---|---|
|
/resource/ |
POST |
Require authorization token. “Resource” is the name of the resource on which the uploaded file will apply to. The request must set the “reqAction” field to 22. |
|
/uploadfile?token=tokenStr |
POST |
Upload file with authorization token. |
|
/resource/ |
PUT |
Apply uploaded file on related resource. |
Require file uploading authorization token
Example:
curl –v –H "Content-Type: application/json" -X POST -d '{"reqAction":22}' http://host_or_ip/api/v1/CentralRestoreFirmware --cookie cookie.txt
The “reqAction” field should be set to 22, which requires FortiMail to generate the file uploading authorization token. “CentralRestoreFirmware” is the ID of the resource on which the uploaded file will apply to. For resources that support sub resources, extra sub resource IDs should be added, which can always be set to “0”. For example, resource ID “UserMaillist” supports sub resources, with an example URL of http://host_or_api/api/v1/UserMaillist/0
Response:
{“token”: “tokenStr”}
The “token” value is generated by FortiMail. This is used in the next step.
Upload local file with authorization token
Example:
curl -F 'testfile=@/tmp/file.diff'
http://host_or_ip/api/v1/uploadfile?token=tokenStr--cookie cookie.txt
In this example, “testfile” is a self-assigned ID to indicate the uploading action, “/tmp/file.diff” is the full path of the local file you want to upload, and the “token” field should be set to the value provided in the previous step.
Response:
{“id”:”uploadedFileId”}
The “id” value is generated by FortiMail. This is used in the next step.
Apply uploaded file on resource
Update firmware
The resource used for updating the firmware is “CentralRestoreFirmware”.
|
URL |
HTTP method |
Summary |
|---|---|---|
| /CentralRestoreFirmware/ | PUT | Set the “filename” field to the “id” value from the previous step. |
Example:
curl -v -H "Content-Type: application/json" -X PUT -d '{"filename" : "uploadedFileId"}' http://host_or_ip/api/v1/CentralRestoreFirmware --cookie cookie.txt
Update configuration
The resource used for updating the configuration is “CentralRestoreConfig”.
|
URL |
HTTP method |
Summary |
|---|---|---|
| /CentralRestoreConfig/ | PUT | Set the “filename” field to the “id” value from the previous step. |
Example:
curl -v -H "Content-Type: application/json" -X PUT -d '{"source":0,"filename":"uploadedFileId","check_platform":1}' http://host_or_ip/api/v1/CentralRestoreConfig --cookie cookie.txt
Restore Block/Safe list
System, domain, and personal block/safe lists can be restored. The resource used for these actions is “UserMaillist”.
Because “UserMaillist” supports sub resources, the URL used in the first step (Require file uploading authorization token) should have the format, http://host_or_api/api/v1/UserMaillist/0.
|
URL |
HTTP method |
Summary |
|---|---|---|
| /UserMaillist/system | PUT | System block list restore. Set the “extraParam” field to “blacklist”, and set the “restore” field to “id”. |
| /UserMaillist/system | PUT | System safe list restore. Set the “extraParam” field to “whitelist”, and set the “restore” field to “id”. |
| /UserMaillist/domainname | PUT | Domain block list restore. Set the “extraParam” field to “blacklist”, and set the “restore” field to “id”. “domainname” is the domain on which the list will restore. |
| /UserMaillist/domainname | PUT | Domain safe list restore. Set the “extraParam” field to “whitelist”, and set the “restore” field to “id”. “domainname” is the domain on which the list will restore. |
| /UserMaillist/useraddress | PUT | Personal block list restore. Set the “extraParam” field to “blacklist”, and set the “restore” field to “id”. “domainname” is the domain on which the list will restore. |
| /UserMaillist/useraddress | PUT | Personal safe list restore. Set the “extraParam” field to “whitelist”, and set the “restore” field to “id”. “domainname” is the domain on which the list will restore. |
Example for system block list restore:
curl -v -H "Content-Type: application/json" -X PUT -d '{"restore":"uploadedFileId", "extraParam":"blacklist"}' http://host_or_ip/api/v1/UserMaillist/system --cookie cookie.txt
Example for system safe list restore:
curl -v -H "Content-Type: application/json" -X PUT -d '{"restore":"uploadedFileId", "extraParam":"whitelist"}' http://host_or_ip/api/v1/UserMaillist/system --cookie cookie.txt
Example for domain (1.ca) block list restore:
curl -v -H "Content-Type: application/json" -X PUT -d '{"restore":"uploadedFileId", "extraParam":"blacklist"}' http://host_or_ip/api/v1/UserMaillist/1.ca --cookie cookie.txt
Example for domain (1.ca) safe list restore:
curl -v -H "Content-Type: application/json" -X PUT -d '{"restore":"uploadedFileId", "extraParam":"whitelist"}' http://host_or_ip/api/v1/UserMaillist/1.ca --cookie cookie.tx
Example for personal (u1@1.ca) block list restore:
curl -v -H "Content-Type: application/json" -X PUT –d '{"restore":"uploadedFileId", "extraParam":"blacklist"}' http://host_or_ip/api/v1/UserMaillist/u1@1.ca --cookie cookie.txt
Example for personal (u1@1.ca) safe list restore:
curl -v -H "Content-Type: application/json" -X PUT -d '{"restore":"uploadedFileId", "extraParam":"whitelist"}' http://host_or_ip/api/v1/UserMaillist/u1@1.ca --cookie cookie.txt