Fortinet Document Library

Version:


Table of Contents

User Guide

21.4.0
Copy Link

Set Up SSO with Azure AD

Before getting started, see SSO Configuration to learn more about our general SSO settings.

To set up SSO with Azure AD, perform the following steps:

  1. (From FortiMonitor) Create an SSO integration from Settings > Integrations > Microsoft ADFS.

  2. (From FortiMonitor)The URL Fragment is any custom word (text only) that will be attached to the FortiMonitor login URL. For example, if you set “testing” your FortiMonitor login will be my.panopta.com/sso/testing.
    Note: New users should use fortimonitor.forticloud.com for the SSO URL. For long time customers of FortiMonitor, continue using my.panopta.com.

  3. (From Azure) Create an Application for the SSO from Azure Active Directory > Enterprise application > New Application > Non-gallery Application.

  4. (From Azure) Create a new certificate and select the Response and Assertion from Signing Options. Once the new certificate is created, set this as active.

5. (From FortiMonitor) The Usernamefield is the field that Azure uses for your email address. This can be edited from Azure:  

6. (From FortiMonitor) The Entity ID and the Login Binding can be found in the Azure metadata.xml file:

7. (From FortiMonitor) The Login URL can be copied from Azure:

8. (From FortiMonitor) Download the certificate from Azure and copy the content to the Certificate field in FortiMonitor.

9. (From FortiMonitor) From the User Configuration, enable Auto Create Users.

You may want to Assign the Roles manually so that the new user will get that role when they are added to FortiMonitor.

10. Save the changes by clicking on Save.

11. (From Azure) You can get the metadata.xml file from FortiMonitor by going to the browser and entering:

https://my.panopta.com/sso/{URL_Fragment}/metadata

11. Right click and select Save As to save the xml file.

Note: Replace URL_Fregment with the url_fragment that you created above.

12. From the Application created previously, upload the metadata.xml file:

Once this is uploaded the Basic SAML Configuration will be filled out automatically.

13. You can test the integration from the Azure SSO config page by clicking Test at the button of the page.

Set Up SSO with Azure AD

Before getting started, see SSO Configuration to learn more about our general SSO settings.

To set up SSO with Azure AD, perform the following steps:

  1. (From FortiMonitor) Create an SSO integration from Settings > Integrations > Microsoft ADFS.

  2. (From FortiMonitor)The URL Fragment is any custom word (text only) that will be attached to the FortiMonitor login URL. For example, if you set “testing” your FortiMonitor login will be my.panopta.com/sso/testing.
    Note: New users should use fortimonitor.forticloud.com for the SSO URL. For long time customers of FortiMonitor, continue using my.panopta.com.

  3. (From Azure) Create an Application for the SSO from Azure Active Directory > Enterprise application > New Application > Non-gallery Application.

  4. (From Azure) Create a new certificate and select the Response and Assertion from Signing Options. Once the new certificate is created, set this as active.

5. (From FortiMonitor) The Usernamefield is the field that Azure uses for your email address. This can be edited from Azure:  

6. (From FortiMonitor) The Entity ID and the Login Binding can be found in the Azure metadata.xml file:

7. (From FortiMonitor) The Login URL can be copied from Azure:

8. (From FortiMonitor) Download the certificate from Azure and copy the content to the Certificate field in FortiMonitor.

9. (From FortiMonitor) From the User Configuration, enable Auto Create Users.

You may want to Assign the Roles manually so that the new user will get that role when they are added to FortiMonitor.

10. Save the changes by clicking on Save.

11. (From Azure) You can get the metadata.xml file from FortiMonitor by going to the browser and entering:

https://my.panopta.com/sso/{URL_Fragment}/metadata

11. Right click and select Save As to save the xml file.

Note: Replace URL_Fregment with the url_fragment that you created above.

12. From the Application created previously, upload the metadata.xml file:

Once this is uploaded the Basic SAML Configuration will be filled out automatically.

13. You can test the integration from the Azure SSO config page by clicking Test at the button of the page.