Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiProxy 7.2.8 Administration Guide
    7.2.8
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.0
    7.0.19
    7.0.17
    7.0.0
    2.0.0
    1.2.0
    1.1.0
    1.0.0

    Associate FortiTokens with accounts

    Associate FortiTokens with accounts

    The final step before using the FortiTokens to authenticate logons is associating a FortiToken with an account. The accounts can be local user or administrator accounts.

    NOTE: You cannot delete a FortiToken from the FortiToken list page if it is associated with a user account.

    To add a FortiToken to a local user account using web-based manager:

    1. Ensure that your FortiToken serial number has been added to the FortiProxy unit successfully, and its status is Available.

    2. Go to User & Authentication > User Definition, select the user account, and then click Edit User.

    3. Enter the userʼs Email Address.

    4. Enable Two-factor Authentication.

    5. Select the user's FortiToken serial number from the Token list.

    6. Click OK.

    note icon

    For mobile token, select Send Activation Code to be sent to the email address configured previously. The user will use this code to activate the mobile token. An Email Service has to be set under System > Advanced to send the activation code.
    To add a FortiToken to a local user account using the CLI:

    config user local

    edit <username>

    set type password

    set passwd "myPassword"

    set two-factor fortitoken

    set fortitoken <serial_number>

    set email-to "username@example.com"

    set status enable

    next

    end

    To add a FortiToken to an administrator account using the web-based manager:

    1. Ensure that your FortiToken serial number has been added to the FortiProxy unit successfully, and its status is Available.

    2. Go to System > Administrators , select admin, and then click Edit. This account is assumed to be configured except for two-factor authentication.

    3. Enter admin's Email Address.

    4. Enable Two-factor Authentication.

    5. Select the user's FortiToken serial number from the Token list.

    6. Click OK.

    note icon

    For mobile token, select Send Activation Code to be sent to the email address configured previously. The admin will use this code to activate the mobile token. An Email Service has to be set under System > Advanced to send the activation code.
    To add a FortiToken to an administrator account using the CLI:

    config system admin

    edit <username>

    set password "myPassword"

    set two-factor fortitoken

    set fortitoken <serial_number>

    set email-to "username@example.com"

    next

    end

    The fortitoken keyword is not visible until fortitoken is selected for the two-factor option.

    note icon Before a new FortiToken can be used, you might need to synchronize it due to clock drift.
    Previous
    Next

    Associate FortiTokens with accounts

    Associate FortiTokens with accounts

    The final step before using the FortiTokens to authenticate logons is associating a FortiToken with an account. The accounts can be local user or administrator accounts.

    NOTE: You cannot delete a FortiToken from the FortiToken list page if it is associated with a user account.

    To add a FortiToken to a local user account using web-based manager:

    1. Ensure that your FortiToken serial number has been added to the FortiProxy unit successfully, and its status is Available.

    2. Go to User & Authentication > User Definition, select the user account, and then click Edit User.

    3. Enter the userʼs Email Address.

    4. Enable Two-factor Authentication.

    5. Select the user's FortiToken serial number from the Token list.

    6. Click OK.

    note icon

    For mobile token, select Send Activation Code to be sent to the email address configured previously. The user will use this code to activate the mobile token. An Email Service has to be set under System > Advanced to send the activation code.
    To add a FortiToken to a local user account using the CLI:

    config user local

    edit <username>

    set type password

    set passwd "myPassword"

    set two-factor fortitoken

    set fortitoken <serial_number>

    set email-to "username@example.com"

    set status enable

    next

    end

    To add a FortiToken to an administrator account using the web-based manager:

    1. Ensure that your FortiToken serial number has been added to the FortiProxy unit successfully, and its status is Available.

    2. Go to System > Administrators , select admin, and then click Edit. This account is assumed to be configured except for two-factor authentication.

    3. Enter admin's Email Address.

    4. Enable Two-factor Authentication.

    5. Select the user's FortiToken serial number from the Token list.

    6. Click OK.

    note icon

    For mobile token, select Send Activation Code to be sent to the email address configured previously. The admin will use this code to activate the mobile token. An Email Service has to be set under System > Advanced to send the activation code.
    To add a FortiToken to an administrator account using the CLI:

    config system admin

    edit <username>

    set password "myPassword"

    set two-factor fortitoken

    set fortitoken <serial_number>

    set email-to "username@example.com"

    next

    end

    The fortitoken keyword is not visible until fortitoken is selected for the two-factor option.

    note icon Before a new FortiToken can be used, you might need to synchronize it due to clock drift.
    Previous
    Next