SAML 2.0 FSSO with FortiAuthenticator and Google G Suite
In this example, you provide a Security Assertion Markup Language (SAML) FSSO cloud authentication solution using FortiAuthenticator in conjunction with Google G Suite. The FortiAuthenticator acts as the authentication Service Provider (SP) and Google as the Identity Provider (IdP).
The FortiGate has a WAN IP address of 172.25.176.92, and the FortiAuthenticator has the WAN IP address of 172.25.176.141. This recipe uses DNS names and IP addresses that work in our test network. To get this or any authentication setup working for your network you must use IP addresses and host names that work for your network. Also, to avoid problems in the long run, it is a best practice to double check all names and IP addresses as you enter them.
Before you begin, on the FortiAuthenticator create a local user group and an SSO user group. These user groups must have identical names. In this example they are called saml_users.