Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Rest API

    7.4.0
    7.6.0
    7.4.0
    7.2.0

    Your First API Request

    Your First API Request

    Make your first API request using curl ( which is what we’ll use in these examples ), or your favorite API testing application suite ( for example, Postman ).

    Note : All requests require that the Authorization: Bearer token be included in the header.

    The following is an example curl command to retrieve all Hosts:

    $ curl -k --location --request GET 'https://<YOUR-FORTNAC-ADDRESS>/api/v2/host' --header 'Authorization: Bearer <YOUR-API-TOKEN>'

    This request will result in something similar to the following JSON output:

    {

    "status": "success",

    "errorMessage": null,

    "results": [

    {

    "landscape": 345051519875,

    "id": 1,

    "state": 0,

    "notes": null,

    "version": 1.6,

    "creationTime": 1583431955310,

    "validForTime": 1586023955310,

    "lastSuccessfulPoll": 0,

    "applications": null,

    "hostName": null,

    "owner": null,

    "policy": null,

    "hardwareType": null,

    "status": 0,

    "patchManagementVendor": null,

    "patchManagementID": null,

    "attributes": [],

    "adapters": [

    "00:50:56:98:31:0B"

    ],

    "role": null,

    "type": 9,

    "directoryPolicyValue": null,

    "agentVersion": null,

    "agentID": null,

    "agentSN": null,

    "agentTag": null,

    "agentPlatform": null,

    "iconType": null,

    "reValidation": false,

    "criticality": null,

    "reValidationInterval": 0,

    "lastReValidation": 0,

    "openPorts": null,

    "reValidationAction": {

    "disable": false,

    "version": 1.0

    },

    "domainId": -1,

    "loggedOnUserId": null,

    "policyHints": null,

    "managedByMDM": false,

    "mdmCompromised": false,

    "mdmCompliance": false,

    "mdmDataProtection": false,

    "mdmPasscodePresent": false,

    "adaptersAsString": "00:50:56:98:31:0B",

    "operatingSystem": "Linux Fedora based",

    "primaryMac": "00:50:56:98:31:0B",

    "adapterIpAsString": "",

    "adapterLocation": "",

    "atRisk": false,

    "pcserialNumber": null,

    "adapterObjects": [

    {

    "landscape": 345051519875,

    "id": 1,

    "identification": null,

    "state": 0,

    "type": 9,

    "vendorName": "VMware, Inc.",

    "parent": null,

    "lastSuccessfulPoll": null,

    "status": 0,

    "version": 3.3,

    "user": null,

    "clientState": 0,

    "creationTime": 1583431955301,

    "mediumType": null,

    "location": null,

    "container": null,

    "dpcRuleId": -1,

    "dpcRuleName": null,

    "accessValue": null,

    "ips": [],

    "hostID": 1,

    "attributes": [],

    "userID": null,

    "ipaddress": null,

    "physicalAddress": "00:50:56:98:31:0B",

    "firstName": null,

    "lastName": null,

    "hardwareType": null,

    "operatingSystem": "Linux Fedora based",

    "iconType": null,

    "auditObjectName": "00:50:56:98:31:0B",

    "auditObjectType": {

    "auditTableName": "DYNAMICAudit",

    "mysqlTableName": "DYNAMIC",

    "idnameQuery": "select id,physAddr from DYNAMIC where id in"

    },

    "addAuditSummary": "",

    "creationEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_CREATED",

    "elementType": 8,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014772,

    "version": 1.3,

    "time": 1584543014772,

    "empty": false

    },

    "destroyEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_DESTROYED",

    "elementType": 8,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "establishedEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_CONNECTED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "lostEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_DISCONNECTED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "directoryPolicyValue": null,

    "pctype": null,

    "allIPsString": "",

    "device": false,

    "name": "VMware, Inc.",

    "hostName": null

    }

    ],

    "scanOnConnect": false,

    "inTopology": false,

    "vpnclient": false,

    "connectedAdapter": null,

    "expired": false,

    "auditObjectName": "00:50:56:98:31:0B",

    "auditObjectType": {

    "auditTableName": "HOSTRECORDAudit",

    "mysqlTableName": "HOSTRECORD",

    "idnameQuery": "select id,hostName from HOSTRECORD where id in"

    },

    "addAuditSummary": "",

    "creationEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "HOST_CREATED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014778,

    "version": 1.3,

    "time": 1584543014778,

    "empty": false

    },

    "destroyEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "HOST_DESTROYED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014779,

    "version": 1.3,

    "time": 1584543014779,

    "empty": false

    },

    "establishedEvent": null,

    "lostEvent": null,

    "directoryDisabled": false,

    "adapterContainerAsString": "",

    "validForTimeOffline": 1209600000,

    "agentPlatformEnum": null,

    "validTime": 1586023955310,

    "offlineAgeTime": 1584641555310,

    "vulnerabilityScanStatus": -1,

    "vulnerabilityScanDate": 0,

    "notAuthenticated": false,

    "typeLabel": "Rogue",

    "userLoggedOn": false,

    "scanned": false,

    "dialUpClient": false,

    "pendingAtRisk": false,

    "messageReceiver": false,

    "ip": null,

    "connected": false,

    "disabled": false,

    "name": "00:50:56:98:31:0B"

    },

    ],

    "total": 1

    }

    You can compare this data to what you see in the Hosts>Host View in the FortiNAC GUI.

    Now explore the rest of the REST API to see what you can accomplish!

    Filtering :

    By default, all results are returned from a query. Filtering of results is available for many of the API calls. Most of the calls to get all or count all objects can be filtered in the following manner.

    API requests are filtered by including the "filter" parameter in the request URL parameter:

    /api/v2/cmdb/<endpoint>?filter=[key][operator][pattern]

    The following filter operators are supported:

    Operator Description
    == Case insensitive match with pattern.
    != Does not match with pattern (case insensitive).
    =@ Pattern found in object value (case insensitive).
    !@ Pattern not found in object value (case insensitive).
    <= Value must be less than or equal to pattern.
    < Value must be less than pattern.
    >= Value must be greater than or equal to pattern.
    > Value must be greater than pattern.

    To create a complex query, filters can be combined as follows:

    Combination How to use it
    Logical OR Separate filters using commas ‘,’.
    Logical AND Separate filters using ampersands ‘&’.
    Combining AND and OR Separate filters using commas ‘,’ and ampersands ‘&’.

    Note: The "." and "\" characters need to be escaped if they are part of a filter pattern.

    Character Escaped Value
    . \.
    \ \\

    Previous
    Next

    Your First API Request

    Your First API Request

    Make your first API request using curl ( which is what we’ll use in these examples ), or your favorite API testing application suite ( for example, Postman ).

    Note : All requests require that the Authorization: Bearer token be included in the header.

    The following is an example curl command to retrieve all Hosts:

    $ curl -k --location --request GET 'https://<YOUR-FORTNAC-ADDRESS>/api/v2/host' --header 'Authorization: Bearer <YOUR-API-TOKEN>'

    This request will result in something similar to the following JSON output:

    {

    "status": "success",

    "errorMessage": null,

    "results": [

    {

    "landscape": 345051519875,

    "id": 1,

    "state": 0,

    "notes": null,

    "version": 1.6,

    "creationTime": 1583431955310,

    "validForTime": 1586023955310,

    "lastSuccessfulPoll": 0,

    "applications": null,

    "hostName": null,

    "owner": null,

    "policy": null,

    "hardwareType": null,

    "status": 0,

    "patchManagementVendor": null,

    "patchManagementID": null,

    "attributes": [],

    "adapters": [

    "00:50:56:98:31:0B"

    ],

    "role": null,

    "type": 9,

    "directoryPolicyValue": null,

    "agentVersion": null,

    "agentID": null,

    "agentSN": null,

    "agentTag": null,

    "agentPlatform": null,

    "iconType": null,

    "reValidation": false,

    "criticality": null,

    "reValidationInterval": 0,

    "lastReValidation": 0,

    "openPorts": null,

    "reValidationAction": {

    "disable": false,

    "version": 1.0

    },

    "domainId": -1,

    "loggedOnUserId": null,

    "policyHints": null,

    "managedByMDM": false,

    "mdmCompromised": false,

    "mdmCompliance": false,

    "mdmDataProtection": false,

    "mdmPasscodePresent": false,

    "adaptersAsString": "00:50:56:98:31:0B",

    "operatingSystem": "Linux Fedora based",

    "primaryMac": "00:50:56:98:31:0B",

    "adapterIpAsString": "",

    "adapterLocation": "",

    "atRisk": false,

    "pcserialNumber": null,

    "adapterObjects": [

    {

    "landscape": 345051519875,

    "id": 1,

    "identification": null,

    "state": 0,

    "type": 9,

    "vendorName": "VMware, Inc.",

    "parent": null,

    "lastSuccessfulPoll": null,

    "status": 0,

    "version": 3.3,

    "user": null,

    "clientState": 0,

    "creationTime": 1583431955301,

    "mediumType": null,

    "location": null,

    "container": null,

    "dpcRuleId": -1,

    "dpcRuleName": null,

    "accessValue": null,

    "ips": [],

    "hostID": 1,

    "attributes": [],

    "userID": null,

    "ipaddress": null,

    "physicalAddress": "00:50:56:98:31:0B",

    "firstName": null,

    "lastName": null,

    "hardwareType": null,

    "operatingSystem": "Linux Fedora based",

    "iconType": null,

    "auditObjectName": "00:50:56:98:31:0B",

    "auditObjectType": {

    "auditTableName": "DYNAMICAudit",

    "mysqlTableName": "DYNAMIC",

    "idnameQuery": "select id,physAddr from DYNAMIC where id in"

    },

    "addAuditSummary": "",

    "creationEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_CREATED",

    "elementType": 8,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014772,

    "version": 1.3,

    "time": 1584543014772,

    "empty": false

    },

    "destroyEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_DESTROYED",

    "elementType": 8,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "establishedEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_CONNECTED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "lostEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "ROGUE_MOBIL_DISCONNECTED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014776,

    "version": 1.3,

    "time": 1584543014776,

    "empty": false

    },

    "directoryPolicyValue": null,

    "pctype": null,

    "allIPsString": "",

    "device": false,

    "name": "VMware, Inc.",

    "hostName": null

    }

    ],

    "scanOnConnect": false,

    "inTopology": false,

    "vpnclient": false,

    "connectedAdapter": null,

    "expired": false,

    "auditObjectName": "00:50:56:98:31:0B",

    "auditObjectType": {

    "auditTableName": "HOSTRECORDAudit",

    "mysqlTableName": "HOSTRECORD",

    "idnameQuery": "select id,hostName from HOSTRECORD where id in"

    },

    "addAuditSummary": "",

    "creationEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "HOST_CREATED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014778,

    "version": 1.3,

    "time": 1584543014778,

    "empty": false

    },

    "destroyEvent": {

    "landscape": -1,

    "id": -1,

    "state": 1,

    "name": "HOST_DESTROYED",

    "elementType": 52,

    "elementID": 1,

    "elementName": null,

    "message": null,

    "timeOfEvent": 1584543014779,

    "version": 1.3,

    "time": 1584543014779,

    "empty": false

    },

    "establishedEvent": null,

    "lostEvent": null,

    "directoryDisabled": false,

    "adapterContainerAsString": "",

    "validForTimeOffline": 1209600000,

    "agentPlatformEnum": null,

    "validTime": 1586023955310,

    "offlineAgeTime": 1584641555310,

    "vulnerabilityScanStatus": -1,

    "vulnerabilityScanDate": 0,

    "notAuthenticated": false,

    "typeLabel": "Rogue",

    "userLoggedOn": false,

    "scanned": false,

    "dialUpClient": false,

    "pendingAtRisk": false,

    "messageReceiver": false,

    "ip": null,

    "connected": false,

    "disabled": false,

    "name": "00:50:56:98:31:0B"

    },

    ],

    "total": 1

    }

    You can compare this data to what you see in the Hosts>Host View in the FortiNAC GUI.

    Now explore the rest of the REST API to see what you can accomplish!

    Filtering :

    By default, all results are returned from a query. Filtering of results is available for many of the API calls. Most of the calls to get all or count all objects can be filtered in the following manner.

    API requests are filtered by including the "filter" parameter in the request URL parameter:

    /api/v2/cmdb/<endpoint>?filter=[key][operator][pattern]

    The following filter operators are supported:

    Operator Description
    == Case insensitive match with pattern.
    != Does not match with pattern (case insensitive).
    =@ Pattern found in object value (case insensitive).
    !@ Pattern not found in object value (case insensitive).
    <= Value must be less than or equal to pattern.
    < Value must be less than pattern.
    >= Value must be greater than or equal to pattern.
    > Value must be greater than pattern.

    To create a complex query, filters can be combined as follows:

    Combination How to use it
    Logical OR Separate filters using commas ‘,’.
    Logical AND Separate filters using ampersands ‘&’.
    Combining AND and OR Separate filters using commas ‘,’ and ampersands ‘&’.

    Note: The "." and "\" characters need to be escaped if they are part of a filter pattern.

    Character Escaped Value
    . \.
    \ \\

    Previous
    Next