POST
URI:
- /api/v1/login
Input fields:
Field Name | Type | Required |
Description |
---|---|---|---|
client_id | string | Yes | The client_id. |
client_secret | string | Yes | The client_secret. |
Successful response fields:
Field name | Type | Description |
---|---|---|
access_token | string | The access token for web API client to make API request. |
expires_in | integer | The remaining time (in seconds) that access token still valid. |
Response codes
Code | Response content | Description |
---|---|---|
201 OK | The access token wasgenerated successfully. | |
400 Bad Request | The client secret format is invalid. | The client secret in the input field is invalid. |
401 Unauthorized | The client’s login failed due to wrong ID or secret. | Wrong or expired client ID or client secret. |
404 Not Found | The client does not exist. | The client is not in FortiToken Cloud database. |
Example request body:
{
'client_id': '12345678-abcd-efgh-1234-xxxxxxxxxxxx',
'client_secret': 'xxxxxx'
}
Example of successful response body:
Return:
{
'access_token': 'xxxxxx',
'expires_in': 2
}
This API is only used for a client to get an access token to finalize authentication for the API service. By default, the access token expires in an hour (i.e., 3600 seconds). The client does not need to call the API when it has an active access token. |