Configuring FortiAuthenticator Cloud - III
To fully configure a SAML SP entry for FortiSASE in FortiAuthenticator Cloud:
- Go to the open web browser and continue configuring Edit SAML Service Provider in FortiAuthenticator Cloud.
- In the SP Metadata pane, enter the SP information from FortiSASE, which you will use as the SAML SP:
FortiSASE > Configuration > VPN User SSO FortiAuthenticator Cloud > Edit SAML Service Provider Entity ID SP entity ID ACS URL SP ACS (login) URL SLS URL SP SLS (logout) URL - In Assertion Attribute Configuration, configure the following:
- Select Username from the Subject NameID dropdown list.
- Select urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified in Format.
- In Assertion Attributes, select Add Assertion Attribute and add the following attributes:
- SAML attribute: username
User attribute: SAML username
- SAML attribute: groups
User attribute: SAML group membership
- SAML attribute: username
- Click OK to save changes.