Fortinet Document Library

Version:


Table of Contents

22.1.0
Download PDF
Copy Link

Managing IAM users

Use the IAM Users page to disable, delete, or update a user's details. You can also regenerate a lost password.

The IAM Users page displays the following information:

Column

Description

Username The user's display name.

Full Name

The user's first and last name.

Email The email address for the IAM user account.
Updated The date the user's information was updated.
Group The user group the user is assigned to.
Status The user's status (Active/Disabled).

You can use the Search field to find a specific user. Partial results are returned as you type.

Updating user details

To update the user name, ID, email, and status, go to the User Profile tab.

To update user details:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the Full Name. The IAM Users <username> page opens.
  3. Click Edit.
  4. Edit the user's information, and click Update.
To delete a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Select a user from the list, and click Delete. The Delete User(s) dialog opens.
  3. Click Confirm.
To disable user:
  1. Go to IAM User. The IAM Users page opens.
  2. Select a user in the list.
  3. Click Disable. The Permission Changed Confirmation dialog opens..
  4. Click CONFIRM.
To activate a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the Full Name.The IAM Users <username> page opens.
  3. Click Edit.
  4. From the Status dropdown, select active.
  5. Click Update.

Updating user permissions

Add or remove a user from a group, or update the user's asset and portal permissions.

Assigning asset permissions

Use asset folders to manage the assets a user can access . Asset folders are created in Asset Management by master users. For information, see FortiCloud Asset Management Guide > Organizing assets.

To assign asset permissions to a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click User Permissions.
  4. Click Edit.
  5. From the Asset Permissions dropdown, select an asset group.
  6. Click Update.

Assigning portal permissions

Portal permissions define the portals the user can access as well as the access level.

  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click User Permissions.
  4. Click Edit.
  5. In the Portal Permissions area, click the Edit button next to a portal.
  6. Configure the Portal Permissions.
    1. Click the Edit button in the portal row.
      Permission Description
      Allow Portal Access

      Toggle Yes to allow access to a portal.

      Access Type

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read/Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

      Additional Permission

      Additional permissions vary depending on the portal.

      Asset Management:

      • Recieve Renewal Notification

      FortiCare (Read Only or Read/Write)

      • Customer Serivce

      • Technical Assistance

      • RMA/DOA

      Note

      Some portals have user roles that are specific to that portal. When a portal has a unique user role, the Custom option is displayed. For information about the role, see the product's documentation.

    2. Click Confirm.
  7. Configure the Cloud Management & Services settings.
    1. Click the plus (+) sign, and select a service from the list.
    2. Click the Edit button.
    3. Configure the service permissions.
    4. Permission Description
      Allow Portal Access Toggle Yes to grant access to the service.
      AccessType

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read/Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

    5. Click Confirm.
  8. Click Update.

Generating passwords

You can generate a new password and enable two factor authentication.

Note

You cannot regenerate a password if the user has enabled two-factor authentication at the account level.

To generate a password:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click Security Credentials.

  4. (Optional) Click Two Factor Authentication.
  5. Click Generate Password. The Generate Password dialog is displayed.
  6. Click Proceed. The password CSV file is downloaded to your computer.

Provide the user with the password. Once the user has successfully logged in, they are required to log into the portal and create a new password.

Managing IAM users

Use the IAM Users page to disable, delete, or update a user's details. You can also regenerate a lost password.

The IAM Users page displays the following information:

Column

Description

Username The user's display name.

Full Name

The user's first and last name.

Email The email address for the IAM user account.
Updated The date the user's information was updated.
Group The user group the user is assigned to.
Status The user's status (Active/Disabled).

You can use the Search field to find a specific user. Partial results are returned as you type.

Updating user details

To update the user name, ID, email, and status, go to the User Profile tab.

To update user details:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the Full Name. The IAM Users <username> page opens.
  3. Click Edit.
  4. Edit the user's information, and click Update.
To delete a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Select a user from the list, and click Delete. The Delete User(s) dialog opens.
  3. Click Confirm.
To disable user:
  1. Go to IAM User. The IAM Users page opens.
  2. Select a user in the list.
  3. Click Disable. The Permission Changed Confirmation dialog opens..
  4. Click CONFIRM.
To activate a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the Full Name.The IAM Users <username> page opens.
  3. Click Edit.
  4. From the Status dropdown, select active.
  5. Click Update.

Updating user permissions

Add or remove a user from a group, or update the user's asset and portal permissions.

Assigning asset permissions

Use asset folders to manage the assets a user can access . Asset folders are created in Asset Management by master users. For information, see FortiCloud Asset Management Guide > Organizing assets.

To assign asset permissions to a user:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click User Permissions.
  4. Click Edit.
  5. From the Asset Permissions dropdown, select an asset group.
  6. Click Update.

Assigning portal permissions

Portal permissions define the portals the user can access as well as the access level.

  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click User Permissions.
  4. Click Edit.
  5. In the Portal Permissions area, click the Edit button next to a portal.
  6. Configure the Portal Permissions.
    1. Click the Edit button in the portal row.
      Permission Description
      Allow Portal Access

      Toggle Yes to allow access to a portal.

      Access Type

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read/Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

      Additional Permission

      Additional permissions vary depending on the portal.

      Asset Management:

      • Recieve Renewal Notification

      FortiCare (Read Only or Read/Write)

      • Customer Serivce

      • Technical Assistance

      • RMA/DOA

      Note

      Some portals have user roles that are specific to that portal. When a portal has a unique user role, the Custom option is displayed. For information about the role, see the product's documentation.

    2. Click Confirm.
  7. Configure the Cloud Management & Services settings.
    1. Click the plus (+) sign, and select a service from the list.
    2. Click the Edit button.
    3. Configure the service permissions.
    4. Permission Description
      Allow Portal Access Toggle Yes to grant access to the service.
      AccessType

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read/Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

    5. Click Confirm.
  8. Click Update.

Generating passwords

You can generate a new password and enable two factor authentication.

Note

You cannot regenerate a password if the user has enabled two-factor authentication at the account level.

To generate a password:
  1. Go to IAM User. The IAM Users page opens.
  2. Click the user's Full Name. The IAM Users > <user_name> page is displayed.
  3. Click Security Credentials.

  4. (Optional) Click Two Factor Authentication.
  5. Click Generate Password. The Generate Password dialog is displayed.
  6. Click Proceed. The password CSV file is downloaded to your computer.

Provide the user with the password. Once the user has successfully logged in, they are required to log into the portal and create a new password.