Configuring FSSO on the FortiGate
- On the FortiGate, go to User & Device > Single Sign-On and select Create New.
- The SAML user group name has been successfully pushed to the FortiGate from the FortiAuthenticator, appearing when you select View.
- Then go to User & Device > User Groups and create a new FSSO user group. Successfully authenticated users via SAML FSSO will be placed in this group.
Set Type to Fortinet Single-Sign-On Agent, enter a Name, the FortiAuthenticator’s Internet-interface IP address, and the password, which must match the secret key entered at the beginning of the FortiAuthenticator configuration process.
Select Apply & Refresh.
You may have to wait a few minutes before the user group appears.
Enter a Name, set Type to Fortinet Single Sign-On (FSSO), and add the FSSO group as a Member.