Try Auvik Free
Try Auvik Free

How can we help?

  1. Auvik Support
  2. Discovery
  3. Manage Credentials

Troubleshooting Fortinet device API credentials

Avatar
Steven Chan
Follow

From the entity navigation on the device dashboard, hover over the Discovery button and click Troubleshooting

For Fortinet/FortiOS version 6.0.0 REST API credentials, there are three steps that need to be verified before a device can be authorized.

Step 1 - Device must be managed

  1. To manage the device, click re-enable management.
  2. Update the management status from Unmanaged to Managed.
  3. Click Save.

Step 2 - Device must have device API credentials

If  Fortinet device API credentials for this device are available, ensure the credentials are associated with the device. See How do I edit or delete device API credentials?

If Fortinet device API credentials aren’t available for this device, you’ll need to add them. See How do I add Fortinet device API credentials?

Step 3 - Device must be running device API

  1. The device admin profile must have the right permissions
    1. Log into FortiGate.
    2. Navigate to System > Admin Profiles.
    3. Edit the admin profile associated with the API token.
    4. Verify access permissions are set to the following (see screenshot below for details):
      1. Firewall to Custom > Address to Read
      2. Network to Custom > Configuration and Router to Read
      3. System to Custom > Configuration to Read
      4. WiFi & Switch to Read
    5. Click OK.

image (28).png

  1. Verify the device REST API admin is set to the correct admin profile and the trusted hosts are set to the IP address of the collector.
    1. Log into FortiGate.
    2. Navigate to System >Administrators.
    3. Edit the REST API admin associated with the API token.
    4. Verify that the admin profile matches the one from above.
    5. Verify that trusted hosts is set to A.B.C.D/0 where A.B.C.D is the IP address of the Auvik collector.

Step 4 - Device must have valid device API credentials

Screenshot 2024-05-10 at 10.05.52 AM.png

  1. Go to System > Admin > Profiles.
  2. Click Create New or edit an existing profile.

    In the profile configuration:
    • Set System Configuration to Read/Write.
    • Set rest of the permission to Read (refer to the screenshot above)
    • Under REST API Access, ensure it is enabled.

  3. Click OK to save.

Congratulations!

Your device is fully authenticated for the FortiOS REST API and we’ll start gathering information about your device.

Was this article helpful?
3 out of 21 found this helpful
Have more questions? Submit a request

Auvik System Status

Check system status

Need help?

Submit your question or comment and we'll be in touch.

Send a message

Related articles