Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Cookbook

    6.5.0
    6.5.0
    6.4.0
    6.3.0
    6.2.0
    6.1.0
    6.0.0
    5.5.0

    Setting up SAML SSO in FortiAuthenticator

    Setting up SAML SSO in FortiAuthenticator

    To enable SAML portal:
    1. Go to Fortinet SSO Methods > SSO > Portal Services.
    2. In the Edit Portal Services Settings window, select Enable SAML portal to enable SAML portal log in for SSO.
    3. Click OK.
    To configure SAML SSO authentication to use Azure SAML IdP:
    1. Go to Fortinet SSO Methods > SSO > SAML Authentication and select Create New.

      The Create New SAML Identity Provider window opens.

    2. In Remote SAML server dropdown, select the remote SAML server created in Creating a remote SAML server .
    3. In the Domain Membership pane, enable Get SSO domain name from, and select Username prefix/suffix to obtain the domain name specified in the username.
    4. Click OK to create the new SAML SP portal.
    To enable FSSO for FortiGate and define a password:
    1. Go to Fortinet SSO Methods > SSO > General to open the Edit SSO Configuration window.
    2. In the FortiGate pane, select Enable authentication, then enter a secret key, or password, in the Secret key field.
    3. Click OK.
    To create a FortiGate filter and include the groups from Azure AD:
    1. Go to Fortinet SSO Methods > SSO > FortiGate Filtering and select Create New.

      The Create New FortiGate Filter window opens.

    2. Enter a name to identify the filter.
    3. In FortiGate name/IP, enter FortiGate unit’s FQDN or IP address.
    4. In Fortinet Single Sign-On (FSSO) pane, enable Forward FSSO information for users from the following subset of users/groups/containers only, and include the groups from Azure AD you intend to send information to the FortiGate.
    5. Click OK.
    Previous
    Next

    Setting up SAML SSO in FortiAuthenticator

    Setting up SAML SSO in FortiAuthenticator

    To enable SAML portal:
    1. Go to Fortinet SSO Methods > SSO > Portal Services.
    2. In the Edit Portal Services Settings window, select Enable SAML portal to enable SAML portal log in for SSO.
    3. Click OK.
    To configure SAML SSO authentication to use Azure SAML IdP:
    1. Go to Fortinet SSO Methods > SSO > SAML Authentication and select Create New.

      The Create New SAML Identity Provider window opens.

    2. In Remote SAML server dropdown, select the remote SAML server created in Creating a remote SAML server .
    3. In the Domain Membership pane, enable Get SSO domain name from, and select Username prefix/suffix to obtain the domain name specified in the username.
    4. Click OK to create the new SAML SP portal.
    To enable FSSO for FortiGate and define a password:
    1. Go to Fortinet SSO Methods > SSO > General to open the Edit SSO Configuration window.
    2. In the FortiGate pane, select Enable authentication, then enter a secret key, or password, in the Secret key field.
    3. Click OK.
    To create a FortiGate filter and include the groups from Azure AD:
    1. Go to Fortinet SSO Methods > SSO > FortiGate Filtering and select Create New.

      The Create New FortiGate Filter window opens.

    2. Enter a name to identify the filter.
    3. In FortiGate name/IP, enter FortiGate unit’s FQDN or IP address.
    4. In Fortinet Single Sign-On (FSSO) pane, enable Forward FSSO information for users from the following subset of users/groups/containers only, and include the groups from Azure AD you intend to send information to the FortiGate.
    5. Click OK.
    Previous
    Next