Service Accounts

This page includes the following topics:

You use service accounts to authenticate with the FortiMail Browser Security API, and to then use the API to access FortiMail Browser Security data. Using service accounts means that admin users don't have to use their own credentials when using the FortiMail Browser Security API. It is recommended that you use service accounts when you integrate SIEM tools with FortiMail Browser Security. Service accounts cannot sign-in to the FortiMail Browser Security console.

For details on:

  • the FortiMail Browser Security API, see API [FortiMail Browser Security only].

  • the FortiMail Browser Security Service Accounts API in Swagger, see here . [You'll need to enter your FortiMail Workspace Security credentials to access this site.]

Maximum:Closed You can have a maximum of 100 service accounts.

Adding new service accounts

You use the Settings > Service accounts page to add new service accounts. After you add a service account, FortiMail Browser Security will assign a client ID and a client secret to the new account. You'll need both of these values to authenticate with the FortiMail Browser Security API. You can find these values for any service account by displaying the details of the service account - in the Settings > Service accounts page. These values do not expire.

To add a new service account:

  1. Open the FortiMail Browser Security console > Settings > Service accounts page.

  2. Click Add new service account, and enter the following details:

    Role

    Select one of the following roles for the new service account:

    • Owner: Has full access to all functionality in the FortiMail Browser Security console.

    • Contributor: Has full control of policies and related components, and can view [read] administrative settings.

    • Policy manager: Has full control of policies and related components.

    • User manager: Has full control of users and devices.

    • Reader: Is able to view [read] anything in the FortiMail Browser Security console - but is not permitted to make any changes.

    You can change the role after a service account is created.

    Note

    The client ID and client secret do not change when you change the role of the service account.

  3. Click Save.

    The system adds the new service account to the FortiMail Browser Security console.

Deleting service accounts

To delete a service account:

  1. Open the FortiMail Browser Security console > Settings > Service accounts page.

  2. Select the service accounts that you want to delete.

  3. Click Delete service account or Delete x service accounts.

See also: