Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Identity & Access Management (IAM)

    Home FortiCloud Services 25.2.0 Identity & Access Management (IAM)
    25.2.0
    25.2.0

    Configuring external IdP

    Configuring external IdP

    After you have successfully enrolled for external IdP for your FortiCloud account, you can begin to configure the external IdP with the URLs provided by Fortinet Inc..

    This document only covers configuring external IdP with Okta and Microsoft Entra ID. However, multiple external identity providers are supported by FortiCloud. This topic includes the following configuration examples:

    Configuring with Okta

    External IdP can be configured with Okta.

    To configure external IdP with Okta:

    1. In Okta, go to Applications > Applications.

    2. Navigate to the application you created when enrolling.

    3. Edit the General > SAML Settings:

      1. Replace the temporary URLs with the information provided by Fortinet Inc. team:

        Entra ID field

        Fortinet Inc. external IdP information
        Single sign-on URL SP Login (Assertion Consumer Service ACS) URL
        Audience URI (SP Entity ID) SP Entity ID
        Default RelayState Portal URL (Relay State)

      2. Click Save.

    Configuring with Entra ID

    External IdP can be configured with Okta.

    To configure external IdP with Entra ID:

    1. In Microsoft Azure, select Microsoft Entra ID.

    2. Go to Enterprise applications.

    3. Navigate to the application you created when enrolling.

    4. Select Set up single sign on.

    5. Edit the Basic SAML Configuration:

      1. Replace the temporary URLs with the information provided by Fortinet Inc. team:

        Entra ID field

        Fortinet Inc. external IdP information
        Identifier (Entity ID) SP Entity ID
        Reply URL (Assertion Consumer Service URL) SP Login (Assertion Consumer Service ACS) URL
        Relay State Portal URL (Relay State)

        Logout Url

        SP Logout (SLS)

      2. Click Save.

    Previous
    Next

    Related Videos

    Configuring external IdP

    Configuring external IdP

    After you have successfully enrolled for external IdP for your FortiCloud account, you can begin to configure the external IdP with the URLs provided by Fortinet Inc..

    This document only covers configuring external IdP with Okta and Microsoft Entra ID. However, multiple external identity providers are supported by FortiCloud. This topic includes the following configuration examples:

    Configuring with Okta

    External IdP can be configured with Okta.

    To configure external IdP with Okta:

    1. In Okta, go to Applications > Applications.

    2. Navigate to the application you created when enrolling.

    3. Edit the General > SAML Settings:

      1. Replace the temporary URLs with the information provided by Fortinet Inc. team:

        Entra ID field

        Fortinet Inc. external IdP information
        Single sign-on URL SP Login (Assertion Consumer Service ACS) URL
        Audience URI (SP Entity ID) SP Entity ID
        Default RelayState Portal URL (Relay State)

      2. Click Save.

    Configuring with Entra ID

    External IdP can be configured with Okta.

    To configure external IdP with Entra ID:

    1. In Microsoft Azure, select Microsoft Entra ID.

    2. Go to Enterprise applications.

    3. Navigate to the application you created when enrolling.

    4. Select Set up single sign on.

    5. Edit the Basic SAML Configuration:

      1. Replace the temporary URLs with the information provided by Fortinet Inc. team:

        Entra ID field

        Fortinet Inc. external IdP information
        Identifier (Entity ID) SP Entity ID
        Reply URL (Assertion Consumer Service URL) SP Login (Assertion Consumer Service ACS) URL
        Relay State Portal URL (Relay State)

        Logout Url

        SP Logout (SLS)

      2. Click Save.

    Previous
    Next