Fortinet black logo

Cookbook

Configuring FSSO on the FortiGate

Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:30378
Download PDF

Configuring FSSO on the FortiGate

  1. On the FortiGate, go to User & Device > Single Sign-On and select Create New.

    Set Type to Fortinet Single-Sign-On Agent, enter a Name, the FortiAuthenticator’s Internet-interface IP address, and the password, which must match the secret key entered at the beginning of the FortiAuthenticator configuration process.

    Select Apply & Refresh.

  2. The SAML user group name is pushed to the FortiGate from the FortiAuthenticator and appears when you select View.

    You might have to wait a few minutes before the user group appears.

  3. Go to User & Device > User Groups and create a new FSSO user group. Users authenticated via SAML FSSO are in this group.

    Enter a Name, set Type to Fortinet Single Sign-On (FSSO), and add the FSSO group as one of the Members.

Configuring FSSO on the FortiGate

  1. On the FortiGate, go to User & Device > Single Sign-On and select Create New.

    Set Type to Fortinet Single-Sign-On Agent, enter a Name, the FortiAuthenticator’s Internet-interface IP address, and the password, which must match the secret key entered at the beginning of the FortiAuthenticator configuration process.

    Select Apply & Refresh.

  2. The SAML user group name is pushed to the FortiGate from the FortiAuthenticator and appears when you select View.

    You might have to wait a few minutes before the user group appears.

  3. Go to User & Device > User Groups and create a new FSSO user group. Users authenticated via SAML FSSO are in this group.

    Enter a Name, set Type to Fortinet Single Sign-On (FSSO), and add the FSSO group as one of the Members.