FortiFlex (Flex VM API) allows you to automate tasks such as creating VM entitlements when integrating with cloud orchestration platforms.
Authentication will be done via OAuth token. To call Flex VM external API, 3rd party applications need to do following steps:
Create an API User for the account in IAM. Give desired permission (Admin, ReadWrite, ReadOnly) for FlexVM to the newly created or existing API User. Actions that involve changing or creating data (such as creating a new Configuration or updating a VM) will require ReadWrite permission or above.
Call our API at https://customerapiauth.fortinet.com/api/v1/oauth/token/
to retrieve OAuth token. Request body should be similar to:
{
"username": "",
"password": "",
"client_id": "flexvm",
"grant_type": "password"
}
Refer here for more information
Call FortiFlex (FlexVM API) endpoints at https://support.fortinet.com/ES/api/flexvm/v1/
with the OAuth token as Authorization header with Bearer scheme.
For example:
Authorization: Bearer BOR1COV9QHUjWs1FMZHS1A42VAe5D3
Import the collection and the environment into your Postman client.
Update the variables in the environment with your API username and password.
Create a Virtual Environment, add packages from requirements.txt
Use Environment variables for authentication
API_USERNAME API_PASSWORD API_CLIENT_ID API_GRANT_TYPE
Uncomment code after main for desired functions.
The Requests are categorized in four groups. Use the request in the Authenticate group to obtain a token. The token is used for requests in the other groups.
A successful authentication will update the Postman environment variables with the returned access_token and refresh_token. A post request test is run in the Retrieve Authentication token request. The post request test populates the taken variables in the Postman environment. The access_token is utilized by the requests in the other groups, the refresh_token is not currently utilized.
All of the requests have a sample body, except for the list request in the Programs group.
-
Authenticate
- Retrieve Authentication token
-
Configurations
- list - Get list of Flex VM Configurations for a Program
- create - Create a new Configuration under a Program
- update - Modify a Configuration's name or parameters
- disable - Disable a Configuration
- enable - Enable a Configuration
-
Groups
- list - Get list of Flex VM Token Groups (folders under "My Assets" support.fortinet.com)
- nexttoken - Get next unused token in specified Group
-
Programs
- list - Get list of Flex VM Programs for the account
-
Virtual Machines
- list - Get list of existing VMs for a Configuration
- create - Create one or more VMs based on a Configuration
- update - Update a VM to use another Configuration or change its description or end date
- stop - Stop a VM entitlement
- reactivate - Reactivate a VM entitlement after being stopped
- token - Regenerate token for a VM
- points
- by serial number - Get point usage for a VM by serial number
- points by config ID - Get point usage for VMs by config ID