Fortinet white logo
Fortinet white logo

Administration Guide

Integrating FortiManager management using SAML SSO

Integrating FortiManager management using SAML SSO

When a FortiGate is configured as the SAML SSO IdP, FortiManager can be added as an SP.

To configure FortiManager as a Fabric SP:
  1. On the root FortiGate, go to Security Fabric > Fabric Connectors, and edit the Security Fabric Setup connector.
  2. In the Security Fabric Settings section, click Advanced Options.
  3. In the Service Providers section, click Create New.
  4. Enter a name and a prefix for the SP. FortiOS generates a unique prefix, but you can enter your own.
  5. In SP address, enter the FortiManager address including the port number.

  6. Click OK.
  7. In FortiManager, go to System Settings > Admin > SAML SSO and in the Single Sign-On Mode section, click Service Provider (SP).
  8. Configure the IdP Settings:
    1. For IdP Type, click Fortinet.
    2. For IdP Address, enter the root FortiGate address including the port number.
    3. Enter the Prefix of the SP.
    4. For IdP Certificate, import the same certificate used on the root FortiGate.
    5. Click Apply.

  9. To verify that the configuration works, log out of FortiManager and log in using the Login via Single-Sign-On link.

Integrating FortiManager management using SAML SSO

Integrating FortiManager management using SAML SSO

When a FortiGate is configured as the SAML SSO IdP, FortiManager can be added as an SP.

To configure FortiManager as a Fabric SP:
  1. On the root FortiGate, go to Security Fabric > Fabric Connectors, and edit the Security Fabric Setup connector.
  2. In the Security Fabric Settings section, click Advanced Options.
  3. In the Service Providers section, click Create New.
  4. Enter a name and a prefix for the SP. FortiOS generates a unique prefix, but you can enter your own.
  5. In SP address, enter the FortiManager address including the port number.

  6. Click OK.
  7. In FortiManager, go to System Settings > Admin > SAML SSO and in the Single Sign-On Mode section, click Service Provider (SP).
  8. Configure the IdP Settings:
    1. For IdP Type, click Fortinet.
    2. For IdP Address, enter the root FortiGate address including the port number.
    3. Enter the Prefix of the SP.
    4. For IdP Certificate, import the same certificate used on the root FortiGate.
    5. Click Apply.

  9. To verify that the configuration works, log out of FortiManager and log in using the Login via Single-Sign-On link.