Fortinet black logo

Identity & Access Management (IAM)

Home FortiCloud Services 24.1.0 Identity & Access Management (IAM)

Migrating sub users

24.1.0
24.1.0
Copy Link
Copy Doc ID cb035e9b-aa60-11ee-8673-fa163e15d75b:943544
Download PDF

Migrating sub users

You can migrate a sub user account from FortiCloud and convert it to an IAM user. After a sub user is migrated, they are required to update their login credentials the next time they access a portal.

Note

Most of the Fortinet Inc. Cloud portals support IAM users at this time.

After migration is complete:

  • The sub user is automatically removed from your FortiCloud account. A sub user cannot be restored in FortiCloud.

  • The user's data and settings in the cloud portals are migrated with the user.

The Migrate Sub Users page can be accessed from the left-hand navigation menu. See Identity & Access Management Portal.

FortiGate Cloud Legacy users

A FortiGate Cloud Legacy user can be migrated to an IAM user using the same process as a sub user. If Legacy users are available for migration, they will be listed in the active sub users page in the Source column. Select Ignore FortiGate Cloud legacy user to hide the Source column.

Note

When you are migrating FortiGate Cloud Legacy users and assigning permission profiles for the new IAM users, if the permission profile selected does not have FortiGate Cloud permissions enabled, an error will display and the Legacy users cannot be migrated.
To migrate a sub or Legacy user:
  1. Select Migrate Sub Users from the left-hand navigation menu.

  2. Read and accept the terms of migration, and click Next.
  3. Select a User ID formatting option, and click Next.

    Format

    Description

    Use email account nameMaps the user's FortiCloud Email (Account ID) to the IAM User ID field.
    Use username as ID and filter with spaceMaps the user's FortiCloud Name to the IAM User ID field.
  4. Select users from the list, and click Next.

    The User Details page is displayed.

    Note

    Select Ignore FortiGate Cloud legacy user to hide the Source column.

  5. Review the user's details, and click Next. The User Group, Asset and Portal Permissions pane opens.

    Note

    Legacy users being migrated must be assigned to a permission profile with FortiGate Cloud permissions enabled.

  6. (Optional) Add the user to an IAM user group. See User groups.

    1. Select Yes from Basic Info, and select a group from the dropdown.
    2. Click Next to proceed to Step 10.

  7. Select an asset folder from the Asset Permissions dropdown.

  8. Select a permission profile from the Choose A Permission Profile dropdown.

  9. Click Next. The Confirmation of Sub User(s) to migrate page is displayed.
  10. Click Confirm. The Confirmation page is displayed.
  11. Click Download IAM User Credentials and send them to the user.
Previous
Next

Migrating sub users

You can migrate a sub user account from FortiCloud and convert it to an IAM user. After a sub user is migrated, they are required to update their login credentials the next time they access a portal.

Note

Most of the Fortinet Inc. Cloud portals support IAM users at this time.

After migration is complete:

  • The sub user is automatically removed from your FortiCloud account. A sub user cannot be restored in FortiCloud.

  • The user's data and settings in the cloud portals are migrated with the user.

The Migrate Sub Users page can be accessed from the left-hand navigation menu. See Identity & Access Management Portal.

FortiGate Cloud Legacy users

A FortiGate Cloud Legacy user can be migrated to an IAM user using the same process as a sub user. If Legacy users are available for migration, they will be listed in the active sub users page in the Source column. Select Ignore FortiGate Cloud legacy user to hide the Source column.

Note

When you are migrating FortiGate Cloud Legacy users and assigning permission profiles for the new IAM users, if the permission profile selected does not have FortiGate Cloud permissions enabled, an error will display and the Legacy users cannot be migrated.
To migrate a sub or Legacy user:
  1. Select Migrate Sub Users from the left-hand navigation menu.

  2. Read and accept the terms of migration, and click Next.
  3. Select a User ID formatting option, and click Next.

    Format

    Description

    Use email account nameMaps the user's FortiCloud Email (Account ID) to the IAM User ID field.
    Use username as ID and filter with spaceMaps the user's FortiCloud Name to the IAM User ID field.
  4. Select users from the list, and click Next.

    The User Details page is displayed.

    Note

    Select Ignore FortiGate Cloud legacy user to hide the Source column.

  5. Review the user's details, and click Next. The User Group, Asset and Portal Permissions pane opens.

    Note

    Legacy users being migrated must be assigned to a permission profile with FortiGate Cloud permissions enabled.

  6. (Optional) Add the user to an IAM user group. See User groups.

    1. Select Yes from Basic Info, and select a group from the dropdown.
    2. Click Next to proceed to Step 10.

  7. Select an asset folder from the Asset Permissions dropdown.

  8. Select a permission profile from the Choose A Permission Profile dropdown.

  9. Click Next. The Confirmation of Sub User(s) to migrate page is displayed.
  10. Click Confirm. The Confirmation page is displayed.
  11. Click Download IAM User Credentials and send them to the user.
Previous
Next