Fortinet white logo
Fortinet white logo

Administration Guide

SSO administrators

SSO administrators

SSO administrators are automatically created when the FortiGate acts as a SAML service provider (SP) with SAML Single Sign-On enabled in the Security Fabric settings.

On the system login page, an administrator can log in with their username and password against the root FortiGate acting as the identity provider (IdP) in the Security Fabric. After the first successful log in, this user is added to the administrators table (System > Administrators under Single Sign-On Administrator). The default profile selected is based on the SP settings (Default admin profile). See Configuring a downstream FortiGate as an SP for more information.

SSO administrators can be manually configured in FortiOS.

To manually configure an SSO administrator in the GUI:
  1. Go to System > Administrators and click Create New > SSO Admin.

  2. Enter the username.

  3. Select an administrator profile.

  4. Click OK.

To manually configure an SSO administrator in the CLI:
config system sso-admin
    edit <name>
        set accprofile <profile>
        set vdom <vdom>
    next
end

SSO administrators

SSO administrators

SSO administrators are automatically created when the FortiGate acts as a SAML service provider (SP) with SAML Single Sign-On enabled in the Security Fabric settings.

On the system login page, an administrator can log in with their username and password against the root FortiGate acting as the identity provider (IdP) in the Security Fabric. After the first successful log in, this user is added to the administrators table (System > Administrators under Single Sign-On Administrator). The default profile selected is based on the SP settings (Default admin profile). See Configuring a downstream FortiGate as an SP for more information.

SSO administrators can be manually configured in FortiOS.

To manually configure an SSO administrator in the GUI:
  1. Go to System > Administrators and click Create New > SSO Admin.

  2. Enter the username.

  3. Select an administrator profile.

  4. Click OK.

To manually configure an SSO administrator in the CLI:
config system sso-admin
    edit <name>
        set accprofile <profile>
        set vdom <vdom>
    next
end