Connecting to the Fortigate API using Python

Fortigate API Python Script

Fortinet Provide a REST API which allows you to configure and monitor pretty much any aspect of a fortigate device,As it stands this is pretty locked down in terms of documentation and you must have access to the Fortinet Developer network to get their API documentation.I recently aquired access and also stumbled accross this a while back which is a great easy way to get started.

Clone the repo

The REPO is availiable on github and is provided as is.

First make sure you have python installed on your system and install pip / setuptools.
You will need libxml or urllib3

I am running Python 2.7 for this

 

If you have this installed you can then clone the repo.
I did not create the script just showing you how to use it, it supports very basic usage out of the box but I will document other ways of using it and examples.

Make sure you have git installed

Edit the script

The main script is the fw_api_test.py

the file looks like this, you will need to edit the script and then run it either using python fw_api_test.py or ./fw_api_test.py
you can uncomment the getpass section if you have a static password and append a port number to it,

I will aim to add more guides detailing the endpoints and looping round onto multiple fortigates. if you have any ideas of what else we should blog please let us know.

Points to note

The script does not do any sort of error handling.
You can append a port number to the IP address if you are using none standard ports.
the API is pretty limited in fortiOS V5.2.x its not totally noticeable if you are doing basic changes but they have introduced a lot more endpoints in later versions.
This script ideally works on later versions of fortiOS.

The script

 

 

Leave A Comment

What’s happening in your mind about this post !

Your email address will not be published. Required fields are marked *