Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

API URLs

Below is a list of the API URLs that can be accessed for FortiNAC.

Function

Method

API URL

Alarm details

Alarm Information

GET

https://<servername>:8443/api/alarm?tag={tag}

Alarm Information by ID

GET

https://<servername>:8443api/alarm/{id}

Alarm actions

Acknowledge Alarm

POST

https://<servername>:8443/api/alarm/acknowledge/{dbid}

 

Control details

Get Control Tasks

GET

https://<servername>:8443/api/control

Control Information – by ID

GET

https://<servername>:8443/api/control/{dbid}

Control Information – by Host

GET

https://<servername>:8443/api/control/host/{hostId}

Control Information – by IP

GET

https://<servername>:8443/api/control/ipaddress/{ip}

Active Control Information

GET

https://<servername>:8443/api/control/active

Active Control Info - by IP

GET

https://<servername>:8443/api/control/active/ipaddress/{ip}

Active Control Info - by Host

GET

https://<servername>:8443/api/control/active/host/{hostId}

Inactive Control Information

GET

https://<servername>:8443/api/control/inactive

Inactive Control Information - by IP

GET

https://<servername>:8443/api/control/inactive/ipaddress/{ip}

Inactive Control Information - by Host

GET

https://<servername>:8443/api/control/inactive/host/{hostId}

Control Task Information

GET

https://<servername>:8443/api/control/{dbid}tasks

Control actions

Add Control Task by IP

POST

https://<servername>:8443/api/control/ipaddress

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

IP address: ip

Control Action: action

Duration: duration

Add Control Task by MAC Address

POST

https://<servername>:8443/api/control/macaddress

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

MAC Address: mac

Control Action: action

Duration: duration

Add Control Task by Endpoint

POST

https://<servername>:8443/api/control/endpoint

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

ID: id

Control Action: action

Duration: duration

Undo Control Task

POST

https://<servername>:8443/api/control/undo/{dbid}

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

IP address: ip

Control Action: action

Duration: duration

Delete Control Task

DELETE

https://<servername>:8443/api/control/{id}

Scan Control Task

POST

https://<servername>:8443/api/control/scan/{id}

Device profile actions

Register Profiled Devices

POST

https://<servername>:8443/api/deviceprofiler/profiled/register/{id}

Delete Profiled Device

DELETE

https://<servername>:8443/api/deviceprofiler/profiled/{id}

Device profile details

Profiled Devices

GET

https://<servername>:8443/api/deviceprofiler/profiled

Profile Device Identity

GET

https://<servername>:8443/api/deviceprofiler/identity/{id}

Device Profiling Rules

GET

https://<servername>:8443/api/deviceprofiler/rule

Device Profiling Rules by ID

GET

https://<servername>:8443/api/deviceprofiler/rule/{id}

Endpoint details

Endpoint Information

GET

https://<servername>:8443/api/host/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results: 

id, createTime, hardwareType, hostName, owner, loggedOnUserId, os, connected, notes, ipAddress, macAddress, location, orderby, direction, role, atRisk, enabled, deviceType, serialNumber, limit, offset

Example: 

https://<servername>:8443/api/host/?hardwareType=mobile&connected=true

Endpoint Information - by ID

GET

https://<servername>:8443/api/host/{id}

The following values can be appended to the end of the URL to further filter the results:

role, atRisk, enabled, deviceType, serialNumber

Example:

https://<servername>:8443/api/host/3717/"enabled":true,"role":null,"atRisk":
false,"deviceType":"Rogue","serialNumber":null

Endpoint Information - by IP

GET

https://<servername>:8443/api/host/ipaddress/{ip}

Endpoint Information - by MAC

GET

https://<servername>:8443/api/host/macaddress/{mac}

Endpoint Adapters Information

GET

https://<servername>:8443/api/host/{dbid}/adapters

Endpoint Adapter Information - by Adapter

GET

https://<servername>:8443/api/host/adapter/{adapterID}

Network Port Information - by Adapter

GET

https://<servername>:8443/api/host/adapter/{adapterID}/port

Network Device Information - by Endpoint

GET

https://<servername>:8443/api/host/dbid/device

Endpoint actions

Add Modify Endpoint

POST

https://<servername>:8443/api/host/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Username: userID

Hostname: hName

Operating System: os

IP address: ip

MAC Address: mac

MAC Address is required to uniquely identify the endpoint. If the MAC Address exists in the database, the record is updated. If the MAC Address does not exist in the database a new endpoint record is created.

The following values can be appended to the end of the URL to further filter the results:

notes, hwType, role, enabled, serialNumber

Example:

https://&lt;servername&gt;:8443/api/host/update/"hardwareType":null,
"connected":false,"enabled":false,"role":"MyNewRole","serialNumber":null

Bulk Add Modify Endpoint

POST

https://<servername>:8443/api/host/bulkupdate

Delete Endpoint

DELETE

https://<servername>:8443/api/host/{id}

Event details

Retrieve Events

GET

https://<servername>:8443/api/event

Group details

Retrieve Groups

GET

https://<servername>:8443/api/group

Group actions

Update Group

POST

https://<servername>:8443/api/group

Delete Group

DELETE

https://<servername>:8443/api/group/{id}

Network details

Network Device Information

GET

https://<servername>:8443/api/network/device/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results:

id, name, hardwareType, ipAddress, description, sysOid, orderby,
direction

Example:

https://<servername>:8443/api/network/device/?hardwareType=mobile&connected=true

Network Device Information - by ID

GET

https://<servername>:8443/api/network/device/{dbid}

Network Device Ports Information

GET

https://<servername>:8443/api/network/device/{dbid}/ports

Network Device Port Information - by ID

GET

https://<servername>:8443/api/network/device/port/{dbid}

Endpoint Information - by Port

GET

https://<servername>:8443/api/network/device/port/{dbid}/hosts

Endpoint Information - by Device

GET

https://<servername>:8443/api/network/device/{dbid}/hosts

Scheduler details

Scheduled Tasks

GET

https://<servername>:8443/api/scheduler

Scheduled Task by ID

GET

https://<servername>:8443/api/scheduler/{id}

Scheduler actions

Run Scheduled Tasks

POST

https://<servername>:8443/api/scheduler/run/{id}

User details

User Information

GET

https://<servername>:8443/api/user/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results:

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

Example:

https://<servername>:8443/api/user?city=concord&state=nh

User Information - by ID

GET

https://<servername>:8443/api/user/{dbid}

The following values can be appended to the end of the URL to further filter the results:

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

User Information - by User ID

GET

https://<servername>:8443/api/user/userid/{userid}

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

User actions

Add Modify User

POST

https://<servername>:8443/api/user/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Username: userID

First Name: fName

Last Name: lName

User Type: type (values are User or Administrative, with User being the default)

Email Address: email

Admin Profile: adminProfile (enter the name of the admin profile)

The userID parameter is required to uniquely identify the User. If the userID exists in the database, the record is updated. If the userID does not exist in the database a new User record is created.

Role: role

Delete User

DELETE

https://<servername>:8443/api/user/{id}

Network containers

Container Information

GET

https://<servername>:8443/api/network/domain?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

Container Information - by ID

GET

https://<servername>:8443/api/network/domain/{dbid}

Container Information - by Name

GET

https://<servername>:8443/api/network/domain/name/{name}

Network Devices by Container ID

GET

https://<servername>:8443/api/network/domain/{dbid}/devices

Network container actions

Add Container

POST

https://<servername>:8443/api/network/domain/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

The name parameter is required to uniquely identify the container. If the name does not exist in the database a new Container record is created.

SNMPv1 Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV1

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Ending IP address: endIP

Security String: security

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

SNMPv1 CDP Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV1/cdp

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Security String: security

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

When using CDP discovery it is recommended that you set the Maximum Cisco Discovery Depth in the FortiNAC Admin UI to limit the number of levels searched from the starting IP address. If this setting is not enabled, discovery may take an extensive amount of time.

SNMPv3 Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV3

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Ending IP address: endIP

User name: user

Authentication Password: password

Privacy Password: privacy

Authentication Protocol: authProto

Privacy Protocol: privProto

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

SNMPv3 CDP Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV3/cdp

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

User name: user

Authentication Password: password

Privacy Password: privacy

Authentication Protocol: authProto

Privacy Protocol: privProto

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

When using CDP discovery it is recommended that you set the Maximum Cisco Discovery Depth in the FortiNAC Admin UI to limit the number of levels searched from the starting IP address. If this setting is not enabled, discovery may take an extensive amount of time.

Vendor OUI details

Vendor OUIs

GET

https://<servername>:8443/api/vendoroui

Vendor OUI by ID

GET

https://<servername>:8443/api/vendoroui/{id}

API URLs

Below is a list of the API URLs that can be accessed for FortiNAC.

Function

Method

API URL

Alarm details

Alarm Information

GET

https://<servername>:8443/api/alarm?tag={tag}

Alarm Information by ID

GET

https://<servername>:8443api/alarm/{id}

Alarm actions

Acknowledge Alarm

POST

https://<servername>:8443/api/alarm/acknowledge/{dbid}

 

Control details

Get Control Tasks

GET

https://<servername>:8443/api/control

Control Information – by ID

GET

https://<servername>:8443/api/control/{dbid}

Control Information – by Host

GET

https://<servername>:8443/api/control/host/{hostId}

Control Information – by IP

GET

https://<servername>:8443/api/control/ipaddress/{ip}

Active Control Information

GET

https://<servername>:8443/api/control/active

Active Control Info - by IP

GET

https://<servername>:8443/api/control/active/ipaddress/{ip}

Active Control Info - by Host

GET

https://<servername>:8443/api/control/active/host/{hostId}

Inactive Control Information

GET

https://<servername>:8443/api/control/inactive

Inactive Control Information - by IP

GET

https://<servername>:8443/api/control/inactive/ipaddress/{ip}

Inactive Control Information - by Host

GET

https://<servername>:8443/api/control/inactive/host/{hostId}

Control Task Information

GET

https://<servername>:8443/api/control/{dbid}tasks

Control actions

Add Control Task by IP

POST

https://<servername>:8443/api/control/ipaddress

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

IP address: ip

Control Action: action

Duration: duration

Add Control Task by MAC Address

POST

https://<servername>:8443/api/control/macaddress

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

MAC Address: mac

Control Action: action

Duration: duration

Add Control Task by Endpoint

POST

https://<servername>:8443/api/control/endpoint

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

ID: id

Control Action: action

Duration: duration

Undo Control Task

POST

https://<servername>:8443/api/control/undo/{dbid}

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

IP address: ip

Control Action: action

Duration: duration

Delete Control Task

DELETE

https://<servername>:8443/api/control/{id}

Scan Control Task

POST

https://<servername>:8443/api/control/scan/{id}

Device profile actions

Register Profiled Devices

POST

https://<servername>:8443/api/deviceprofiler/profiled/register/{id}

Delete Profiled Device

DELETE

https://<servername>:8443/api/deviceprofiler/profiled/{id}

Device profile details

Profiled Devices

GET

https://<servername>:8443/api/deviceprofiler/profiled

Profile Device Identity

GET

https://<servername>:8443/api/deviceprofiler/identity/{id}

Device Profiling Rules

GET

https://<servername>:8443/api/deviceprofiler/rule

Device Profiling Rules by ID

GET

https://<servername>:8443/api/deviceprofiler/rule/{id}

Endpoint details

Endpoint Information

GET

https://<servername>:8443/api/host/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results: 

id, createTime, hardwareType, hostName, owner, loggedOnUserId, os, connected, notes, ipAddress, macAddress, location, orderby, direction, role, atRisk, enabled, deviceType, serialNumber, limit, offset

Example: 

https://<servername>:8443/api/host/?hardwareType=mobile&connected=true

Endpoint Information - by ID

GET

https://<servername>:8443/api/host/{id}

The following values can be appended to the end of the URL to further filter the results:

role, atRisk, enabled, deviceType, serialNumber

Example:

https://<servername>:8443/api/host/3717/"enabled":true,"role":null,"atRisk":
false,"deviceType":"Rogue","serialNumber":null

Endpoint Information - by IP

GET

https://<servername>:8443/api/host/ipaddress/{ip}

Endpoint Information - by MAC

GET

https://<servername>:8443/api/host/macaddress/{mac}

Endpoint Adapters Information

GET

https://<servername>:8443/api/host/{dbid}/adapters

Endpoint Adapter Information - by Adapter

GET

https://<servername>:8443/api/host/adapter/{adapterID}

Network Port Information - by Adapter

GET

https://<servername>:8443/api/host/adapter/{adapterID}/port

Network Device Information - by Endpoint

GET

https://<servername>:8443/api/host/dbid/device

Endpoint actions

Add Modify Endpoint

POST

https://<servername>:8443/api/host/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Username: userID

Hostname: hName

Operating System: os

IP address: ip

MAC Address: mac

MAC Address is required to uniquely identify the endpoint. If the MAC Address exists in the database, the record is updated. If the MAC Address does not exist in the database a new endpoint record is created.

The following values can be appended to the end of the URL to further filter the results:

notes, hwType, role, enabled, serialNumber

Example:

https://&lt;servername&gt;:8443/api/host/update/"hardwareType":null,
"connected":false,"enabled":false,"role":"MyNewRole","serialNumber":null

Bulk Add Modify Endpoint

POST

https://<servername>:8443/api/host/bulkupdate

Delete Endpoint

DELETE

https://<servername>:8443/api/host/{id}

Event details

Retrieve Events

GET

https://<servername>:8443/api/event

Group details

Retrieve Groups

GET

https://<servername>:8443/api/group

Group actions

Update Group

POST

https://<servername>:8443/api/group

Delete Group

DELETE

https://<servername>:8443/api/group/{id}

Network details

Network Device Information

GET

https://<servername>:8443/api/network/device/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results:

id, name, hardwareType, ipAddress, description, sysOid, orderby,
direction

Example:

https://<servername>:8443/api/network/device/?hardwareType=mobile&connected=true

Network Device Information - by ID

GET

https://<servername>:8443/api/network/device/{dbid}

Network Device Ports Information

GET

https://<servername>:8443/api/network/device/{dbid}/ports

Network Device Port Information - by ID

GET

https://<servername>:8443/api/network/device/port/{dbid}

Endpoint Information - by Port

GET

https://<servername>:8443/api/network/device/port/{dbid}/hosts

Endpoint Information - by Device

GET

https://<servername>:8443/api/network/device/{dbid}/hosts

Scheduler details

Scheduled Tasks

GET

https://<servername>:8443/api/scheduler

Scheduled Task by ID

GET

https://<servername>:8443/api/scheduler/{id}

Scheduler actions

Run Scheduled Tasks

POST

https://<servername>:8443/api/scheduler/run/{id}

User details

User Information

GET

https://<servername>:8443/api/user/?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

The following values can be appended to the end of the URL to further filter the results:

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

Example:

https://<servername>:8443/api/user?city=concord&state=nh

User Information - by ID

GET

https://<servername>:8443/api/user/{dbid}

The following values can be appended to the end of the URL to further filter the results:

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

User Information - by User ID

GET

https://<servername>:8443/api/user/userid/{userid}

id, userid, firstName, lastName, address, city, state, zipcode, phone, email, mobilephone, mobileprovider, orderby, direction, role

User actions

Add Modify User

POST

https://<servername>:8443/api/user/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Username: userID

First Name: fName

Last Name: lName

User Type: type (values are User or Administrative, with User being the default)

Email Address: email

Admin Profile: adminProfile (enter the name of the admin profile)

The userID parameter is required to uniquely identify the User. If the userID exists in the database, the record is updated. If the userID does not exist in the database a new User record is created.

Role: role

Delete User

DELETE

https://<servername>:8443/api/user/{id}

Network containers

Container Information

GET

https://<servername>:8443/api/network/domain?offset={offset}&limit={limit}

Default offset = 0

Default limit = 25

Container Information - by ID

GET

https://<servername>:8443/api/network/domain/{dbid}

Container Information - by Name

GET

https://<servername>:8443/api/network/domain/name/{name}

Network Devices by Container ID

GET

https://<servername>:8443/api/network/domain/{dbid}/devices

Network container actions

Add Container

POST

https://<servername>:8443/api/network/domain/update

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

The name parameter is required to uniquely identify the container. If the name does not exist in the database a new Container record is created.

SNMPv1 Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV1

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Ending IP address: endIP

Security String: security

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

SNMPv1 CDP Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV1/cdp

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Security String: security

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

When using CDP discovery it is recommended that you set the Maximum Cisco Discovery Depth in the FortiNAC Admin UI to limit the number of levels searched from the starting IP address. If this setting is not enabled, discovery may take an extensive amount of time.

SNMPv3 Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV3

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

Ending IP address: endIP

User name: user

Authentication Password: password

Privacy Password: privacy

Authentication Protocol: authProto

Privacy Protocol: privProto

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

SNMPv3 CDP Discovery

POST

https://<servername>:8443/api/network/domain/ discovery/snmpV3/cdp

Accepted Content-type:
application/x-www-form-urlencoded

Form Parameters:

Name: name

Starting IP address: startIP

User name: user

Authentication Password: password

Privacy Password: privacy

Authentication Protocol: authProto

Privacy Protocol: privProto

The name parameter is required to uniquely identify the container where discovery should be run. If the name exists in the database discovery is done for the selected container.

When using CDP discovery it is recommended that you set the Maximum Cisco Discovery Depth in the FortiNAC Admin UI to limit the number of levels searched from the starting IP address. If this setting is not enabled, discovery may take an extensive amount of time.

Vendor OUI details

Vendor OUIs

GET

https://<servername>:8443/api/vendoroui

Vendor OUI by ID

GET

https://<servername>:8443/api/vendoroui/{id}