Remote authentication: FortiAuthenticator
You need to set up both FortiAuthenticator and FortiPortal before you can use FortiAuthenticator for remote authentication.
Configuring FortiAuthenticator
Before using FortiAuthenticator for remote authentication, go to System > Messaging > SMTP Servers in FortiAuthenticator and make certain that the SMTP server is working. If the SMTP server is not working, configure a new SMTP server and then select it in System > Messaging > Email Services.
To configure FortiAuthenticator:
- Configure an administrator user or use the default
admin
user with a valid email address. - Enable Web service access.
When Force password change on next logon is enabled, FortiPortal will require the user to change their password after their first login.
- Save the REST API key that you will receive by email.
Configuring FortiPortal
When you configure Authentication Access as Remote in System > Settings > Authentication, the remote server is set to FortiAuthenticator by default, and the system displays additional settings to configure.
If you change the authentication configuration from local to remote or from remote to local, you must restart FortiPortal. |
To configure FortiPortal:
- Go to System > Settings > Authentication.
- In Authentication Access, select Remote.
- In Remote Server, select ForitAuthenticator.
- In Remote Server Port, enter
443
. - In Remote Server IP Address, enter the IP address of the authentication server.
- In Remote Server Key, paste the FortiAuthenticator REST API key you received by email.
- In Domains, add the domain for the administrator user. For example, if the administrator user is
abc@test.com
, addtest.com
in Domains. - In Remote Server User field, enter the name of the FortiAuthenticator administrator user.
- Click Save.