Fortinet black logo

CLI Reference

user local-user

user local-user

Use this command to configure locally defined user accounts.

Local user accounts are used by the HTTP authentication feature to authorize HTTP requests. For details, see the FortiWeb Administration Guide:

https://docs.fortinet.com/fortiweb/admin-guides

To incorporate local user accounts, add them to a user group that is selected within an authentication rule, which is in turn selected within an authentication policy. For details, see user user-group.

To use this command, your administrator account’s access control profile must have either w or rw permission to the authusergrp area. For details, see Permissions.

Syntax

config user local-user

edit "<local-user_name>"

set username "<user_str>"

set password "<password_str>"

next

end

Variable Description Default

"<local-user_name>"

Enter a name that can be referenced in other parts of the configuration.

To display the list of existing accounts, enter:

edit ?

The maximum length is 63 characters.

Note: This is not the user name that the person must provide when logging in to the CLI or web UI.

No default.

username "<user_str>"

Enter the user name that the client must provide when logging in, such as user1 or user1@example.com.

The maximum length is 63 characters.

No default.

password "<password_str>"

Enter the password for the local user account. The maximum length is 63 characters. No default.

Example

This example configures a local user account that can be used for HTTP authentication.

config user local-user

edit "local-user1"

set username "user1"

set password "myPassword"

next

end

Related topics

user local-user

Use this command to configure locally defined user accounts.

Local user accounts are used by the HTTP authentication feature to authorize HTTP requests. For details, see the FortiWeb Administration Guide:

https://docs.fortinet.com/fortiweb/admin-guides

To incorporate local user accounts, add them to a user group that is selected within an authentication rule, which is in turn selected within an authentication policy. For details, see user user-group.

To use this command, your administrator account’s access control profile must have either w or rw permission to the authusergrp area. For details, see Permissions.

Syntax

config user local-user

edit "<local-user_name>"

set username "<user_str>"

set password "<password_str>"

next

end

Variable Description Default

"<local-user_name>"

Enter a name that can be referenced in other parts of the configuration.

To display the list of existing accounts, enter:

edit ?

The maximum length is 63 characters.

Note: This is not the user name that the person must provide when logging in to the CLI or web UI.

No default.

username "<user_str>"

Enter the user name that the client must provide when logging in, such as user1 or user1@example.com.

The maximum length is 63 characters.

No default.

password "<password_str>"

Enter the password for the local user account. The maximum length is 63 characters. No default.

Example

This example configures a local user account that can be used for HTTP authentication.

config user local-user

edit "local-user1"

set username "user1"

set password "myPassword"

next

end

Related topics