Administration Guide

How to integrate a generic SCIM client with FortiAuthenticator SCIM server

The following describes how to integrate a generic SCIM client with the FortiAuthenticator SCIM server:

  1. Log in to FortiAuthenticator.
  2. Get an API key.

    Alternatively, use OAuth 2.0.

  3. Copy the API key and paste it in the appropriate field on the SCIM SP, i.e., the SCIM client.
  4. Log in to the SCIM SP administrator account.

    Note that every SCIM SP has a different way of accessing application integrations.

  5. Create a custom application for FortiAuthenticator in the SCIM SP.
  6. Each SCIM SP asks different questions when you create the application. However, all SCIM SPs require a Tenant URL and a FortiAuthenticator API key (Secret Token):
    1. Tenant URL: The URL field when creating or editing a remote SCIM user sync rule.
    2. API key: The Secret Token when creating or editing a remote SCIM user sync rule. The secret token is used to authorize the SCIM integration between the client and the server.

      Note: The secret token is associated with an administrator account. You must use an administrator account with an appropriate role.

  7. The SCIM client indicates that FortiAuthenticator was created successfully.
  8. The SCIM client application gallery confirms the newly created application.

    Configure all other settings needed to integrate with FortiAuthenticator, including attribute mappings.

  9. The SCIM client is now visible in FortiAuthenticator.
  10. You can now configure attribute mappings on FortiAuthenticator.

    See Creating a new remote SCIM user synchronization rule.
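
Because the secret token in step 6 carries the rights of an administrator account, it is worth checking the Tenant URL and token before pasting them into the SCIM SP. The following is an added example, not Fortinet code: it validates the two values and builds, without sending, a probe of the standard SCIM `/ServiceProviderConfig` endpoint (RFC 7644). Assumptions: the tenant URL and token are constructed placeholders, and the token is presented as an `Authorization: Bearer` header, which is how generic SCIM clients commonly send a secret token.

```python
import json
from urllib.parse import urlsplit
from urllib.request import Request

# Constructed sample values, not taken from any real deployment.
SAMPLE_TENANT_URL = "https://fac.example.com/scim/v2"   # placeholder URL
SAMPLE_TOKEN = "EXAMPLE-TOKEN-NOT-REAL"                 # placeholder secret token
SAMPLE_CONFIG = json.dumps({                            # RFC 7643 ServiceProviderConfig shape
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"],
    "authenticationSchemes": [{"type": "oauthbearertoken", "name": "OAuth Bearer Token"}],
})

def check_tenant_url(url):
    """Return the tenant URL without a trailing slash, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("tenant URL must be https; the token is sent in a header")
    if not parts.hostname:
        raise ValueError("tenant URL has no host")
    if parts.username or parts.password:
        raise ValueError("tenant URL must not embed credentials")
    if parts.query or parts.fragment:
        raise ValueError("tenant URL must not carry a query string or fragment")
    return url.rstrip("/")

def build_probe(tenant_url, secret_token):
    """Build, without sending, a GET for the RFC 7644 /ServiceProviderConfig endpoint."""
    if not secret_token or secret_token != secret_token.strip():
        raise ValueError("secret token is empty or has whitespace from copy and paste")
    headers = {"Authorization": "Bearer " + secret_token,  # assumed bearer presentation
               "Accept": "application/scim+json"}
    return Request(check_tenant_url(tenant_url) + "/ServiceProviderConfig",
                   headers=headers, method="GET")

def auth_schemes(body):
    """Authentication scheme types advertised in a ServiceProviderConfig document."""
    return [s.get("type") for s in json.loads(body).get("authenticationSchemes", [])]

def redact(req):
    """Header view that is safe to log: the secret token is masked."""
    return {k: "Bearer <redacted>" if k.lower() == "authorization" else v
            for k, v in req.header_items()}

if __name__ == "__main__":
    probe = build_probe(SAMPLE_TENANT_URL, SAMPLE_TOKEN)
    print(probe.get_method(), probe.full_url, redact(probe))
    print("advertised schemes:", auth_schemes(SAMPLE_CONFIG))
```

To run the probe against a live server, pass the returned request to `urllib.request.urlopen` and feed the response body to `auth_schemes`.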
