To configure the root FortiGate as the IdP:
- Log in to the root FortiGate.
- Go to Security Fabric > Settings.
- In the FortiGate Telemetry section, enable SAML Single Sign-On. The Mode field is automatically populated as Identity Provider (IdP).
- Enter an IP address in the Management IP/FQDN box.
- Enter a management port in the Management Port box.
  The Management IP/FQDN will be used by the SPs to redirect the login request. The Management IP/FQDN and Management Port must be reachable from the user's device.
- Select the IdP certificate.
- Click Apply.