Fortinet single sign-on agent

Go to Security Fabric > Fabric Connectors.
Click Create New.
In the SSO/Identity section, click Fortinet Single Sign-On Agent.
Fill in the Name, and Primary FSSO Agent server IP address or name and Password.
Optionally, add more FSSO agents by clicking the plus icon.
Select the User Group Source:
- Collector Agent: User groups will be pushed to the FortiGate from the collector agent. Click Apply & Refresh to fetch group filters from the collector agent.
- Local: User groups will be specified in the FortiGate unit's configuration. Select the LDAP server from the drop-down list, then select the Users, Groups, and Organizational Units. Enable or disable Recursive as required.
Click OK.

To create an FSSO agent connector in the GUI:

Go to Security Fabric > Fabric Connectors.

Click Create New.

In the SSO/Identity section, click Fortinet Single Sign-On Agent.

Fill in the Name, and Primary FSSO Agent server IP address or name and Password.

Optionally, add more FSSO agents by clicking the plus icon.

Select the User Group Source:

Collector Agent: User groups will be pushed to the FortiGate from the collector agent. Click Apply & Refresh to fetch group filters from the collector agent.
Local: User groups will be specified in the FortiGate unit's configuration. Select the LDAP server from the drop-down list, then select the Users, Groups, and Organizational Units. Enable or disable Recursive as required.

Click OK.