For the Cisco Firepower Threat Defence firewall, follow these instructions to enable the Device API.
Note: These instructions are valid for FTD or FDM.
For the Device API credentials, use your admin username and password that you use to login into the user interface of Firepower.
- Go to Admin
-
Click on Manage Credentials
-
Click on Device API Credentials
- Mouse over Add Device API Credentials
-
On the drop down that appears, click Firepower
-
Enter credentials for your Firepower
- Name - a name or description for use in Auvik only
- Device - the device name that the API key is for
- Username - add admin account username
- Password - admin’s password
-
Port - the port that the API/HTTP service is running
- This will auto fill with 443 - only change if you know you are using a different port.
- Click Test Connection to confirm your settings are accurate.
- Click Save.
If you are getting errors or the device failed in test connection you can try the following troubleshooting steps. You can check the authentication from API-Explorer.
-
Using a browser, open the homepage of the system, for example, https://ftd.example.com.
-
Log into Firepower Device Manager.
-
(6.4 and earlier.) Edit the URL to point to /#/api-explorer, for example, https://ftd.example.com/#/api-explorer.
-
(6.5 and later.) Click the more options button (More options button.) and choose API Explorer.
The system opens the API Explorer in a separate tab or window, depending on your browser settings.
-
Once you are in the API Explorer, search for Token and click on Example Value
- This will update the Body. Change the “grant_type” from “custom_token” to “password”
- Update the username and password to the credentials that you used to login.
- Scroll down to the Try it out option and look for Response Code. It must be 200 in order to work.