Fortinet FortiGate Cloud integration instructions

This article provides instructions on how to integrate Fortinet FortiGate Cloud to Lifecycle Manager to pull configuration items from Fortinet FortiGate Cloud. The API key must be associated with an API user that is separate from your Fortinet FortiGate Cloud administrative account.

Fortinet is an integration rather than a warranty lookup source. However, it is the only place for warranty information. While PSAs and documentation tools may contain Fortinet device configurations, they may lack completeness and the corresponding warranty dates.

  • If your sole integration is with Fortinet, Lifecycle Manager will synchronize all devices along with their corresponding warranty expiration dates.
  • If you have integrated your PSA system without Fortinet, Lifecycle Manager has the capability to synchronize all Fortinet devices listed in the PSA; however, warranty dates will not be included in this synchronization.

If warranty dates for Fortinet devices are manually added to a PSA, they would be isynchronized into Lifecycle Manager if available.

Prerequisites

The following is required for integrating Fortinet FortiGate Cloud with Lifecycle Manager:

  • You must have Administrator user credentials for your FortiGate Cloud account
  • You must have Administrator user credentials for your Lifecycle Manager account or member permissions of Manage Sync Settings selected

To successfully integrate Fortinet FortiGate Cloud with Lifecycle Manager, please follow these steps in each article section:

Integration steps in Fortinet FortiGate Cloud

  1. Create a permission profile
  2. Create an API user
  3. Download API credentials

Integration steps in Fortinet FortiGate Cloud

  1. Add Fortinet Cloud API credentials to Lifecycle Manager

Integration steps in Fortinet FortiGate Cloud

When creating a permission profile in the portal, you must add the Asset Management portal to the profile, and configure the desired permissions.

Create a permission profile

Permission profiles let you specify access to FortiCloud Portal resources and grant portal-specific permissions for API users. You need to create a permission profile that enables access to the Asset Management portal. A permission profile must be created before creating an API user.

  1. Sign in to FortiGate Cloud with your email ID as the username and the password that you chose when creating the account. 
    1. Ensure that the email ID you are signing in with has administrative credentials.
  2. Select the desired company for the user that signed in.
  3. From the top-level menu, click Services.
    Fortinet_services_menu.png
  4. Under Assets and Accounts, select IAM (Identity & Access Management)
    Fortinet_services_IAM.png
  5. In the Identity & Access Management section, click the Permission Profiles menu option.
  6. From the Permission Profiles section, click the Add New button. The New Portal Permission Profiles screen is displayed.
    Fortinet_new_portal_permission_profiles.png
  7. From the New Portal Permission Profile screen, enter the following information for the permission profile.
    1. Enter a name in the Permission Profile Name field.
    2. Set the Status to Active.
    3. Enter a description of the portal permissions in the Description field. For example, LM Fortinet integration permissions profile.
  8. Click the Add Portal button. A list of available portals is displayed.
    Fortinet_add_portal.png
  9. Select the portal(s) you want to enable access to. In this case, select the following: 
    1. Asset Management
  10. Click Add. The portal is displayed in a card.
    1. As this is for a portal with role-based permissions, enable Access and specify the portal Access Type and any Additional Permissions. In this case, select Read Only and Receive Renewal Notification.
      Fortinet_permissions_profile.png
  11. Click Save. The permission profile is now available to be assigned to users.

Once a permission profile is saved, the permission profile type cannot be changed.

Create an API user

  1. From the Identity & Access Management section, select Users from the left-hand navigation menu. The Users page opens.
  2. From the Users page, click the Add New > API User button. The API User Details screen opens.
  3. From the API User Details screen, in the Description field, enter a description of the user—for example, Lifecycle Manager integration.
  4. Select the permission profile, created in the previous step, from the Permission Profile dropdown list.
    Fortinet_select_permission_profile.png
    1. The permission details are displayed in a card.
  5. Click Next.
  6. Review the user's information, and click Confirm.
  7. At this time, API User registration is successfully complete. The generated API credentials appear underneath the API User Information label.
    Fortinet_successful_API_user_registration.png

Download API credentials

  1. From the Users page, click on the relevant user. The API User Information page opens.
  2. Click Download Credentials. The Security Check dialog opens.
    Fortinet_security_check.png

    Downloading API user credentials will reset the user's security credentials each time you perform this action. The API user only exists within the account scope.

  3. Enter a password to protect the credential file and click Proceed. The credentials are downloaded to your computer in the form of a password-protected zip file.
  4. The password-protected zip file contains both an apiID and password which are needed to add the Fortinet FortiGate Cloud API credentials to Lifecycle Manager.

Integration steps in Lifecycle Manager

Add Fortinet FortiGate Cloud API credentials to Lifecycle Manager

  1. From Lifecycle Manager, navigate to Integrations and click the Add integration button.
  2. The Add integration page will open. Select FortiCloud.
  3. Open the password-protected API credentials zip file you previously downloaded.
  4. Enter the following information into the FortiCloud add integration page.
    1. Copy the apiID into the API Key field.
    2. Copy the password into the Password field.
  5. Click Save Fortinet Asset Management Setup.

ForticCloud_main.png

When you click Save Fortinet Asset Management Setup, Lifecycle Manager performs a full sync. When finished, you should be able to view your hardware assets in your account.