Fortinet black logo

Administration Guide

Configuring API gateway policy

Configuring API gateway policy

This section provides instructions to

  • Create an API gateway policy
  • Select an API gateway policy in a web protection profile

To create an API gateway policy

  1. Go to API Gateway > API Gateway Policy, and select the API Gateway Policy tab.
  2. Click Create New.
  3. For Name, enter a name for the policy. You will use the Name to select the policy in a web protection profile.
  4. Click OK.
  5. Click Create New.
  6. For API Gateway Rule, select the rule created in Configuring API gateway rules.
  7. Click OK.


To select an API gateway policy in a web protection profile

  1. Go to Policy > Web Protection Profile.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Web Protection Configuration category. For details, see Permissions.
  2. Select the Inline Protection Profile tab.
  3. Select an existing web protection profile to which you want to include the API gateway policy.
  4. Click Edit.
  5. For API Protection > API Gateway, select the API gateway policy from the drop down list.
  6. Click OK.
  7. For API Gateway Rule, select the rule created in Configuring API gateway rules.
  8. Click OK.

Configuring API gateway policy

This section provides instructions to

  • Create an API gateway policy
  • Select an API gateway policy in a web protection profile

To create an API gateway policy

  1. Go to API Gateway > API Gateway Policy, and select the API Gateway Policy tab.
  2. Click Create New.
  3. For Name, enter a name for the policy. You will use the Name to select the policy in a web protection profile.
  4. Click OK.
  5. Click Create New.
  6. For API Gateway Rule, select the rule created in Configuring API gateway rules.
  7. Click OK.


To select an API gateway policy in a web protection profile

  1. Go to Policy > Web Protection Profile.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Web Protection Configuration category. For details, see Permissions.
  2. Select the Inline Protection Profile tab.
  3. Select an existing web protection profile to which you want to include the API gateway policy.
  4. Click Edit.
  5. For API Protection > API Gateway, select the API gateway policy from the drop down list.
  6. Click OK.
  7. For API Gateway Rule, select the rule created in Configuring API gateway rules.
  8. Click OK.