Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.2.1
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiSOC Cloud Administration Guide

    User management

    User management

    User access to FortiSOC is managed within the FortiCloud Identity & Access Management (IAM) portal. In this portal, you can create IAM users and assign permission profiles to define portal access.

    Permission profiles allow you to explicitly enable or disable access to portals, including FortiSOC, and grant portal-specific permissions for the enabled portals. In addition, you can further configure Role-Based Access Controls (RBAC) within the FortiSOC GUI. For more information, see Role-based access control (RBAC).

    FortiCloud also offers an IAM feature that enables you to create and manage external IdP roles that allow users from your organization to log in to the FortiSOC portal using the user credentials with your organization's ID provider. External IdP users are authenticated by your organization's ID provider. After the user is authenticated, they can access FortiSOC based on their role. For more information, see Authentication and single sign-on (SSO).

    To create a permission profile:

    Before you can create IAM users or external IdP roles, you must create the permission profiles that will be assigned to them.

    1. Login to https://support.fortinet.com/.

    2. To access the IAM portal, go to Services > IAM.

    3. In the IAM portal, go to Permission Profiles.

    4. Click Add New.

      The New Portal Permission Profile page displays.

    5. In the Basic Info section, enter the permission profile name and select the status.

    6. Click Add Portal.

      A list of available portals displays.

    7. Select FortiSOC and any other required portals, and the click Add.

      The selected portals are displayed in cards.

    8. Define the portal permissions in the FortiSOC card.

      The permissions define the users' Roles within FortiSOC.

      • Admin: Full Admin role

      • Read / Write: Analyst role

      • Read Only: Read-Only Admin role

      • Custom: Assign the user to a predefined or custom role in the FortiSOC GUI.

      For more information about those roles, see Role-based access control (RBAC).

    9. Click Save.

      This permission profile can now be assigned to users. If needed, create another permission profile with a different level of access to FortiSOC (or other portals).

      For information on creating permission profiles, see the FortiCloud Account Services Identity & Access Management documentation.

    To create an IAM user:

    1. Login to https://support.fortinet.com/.

    2. To access the IAM portal, go to Services > IAM.

    3. In the IAM portal, go to Users.

    4. Click Add New > IAM User.

    5. In the User Details page, enter the user details, and then click Next.

    6. In the User Permissions page, assign the IAM user the appropriate permission scope and profile, and then click Next.

    7. In the Confirmation page, click Confirm to complete the user creation process.

    8. In the Successful User Registration page, click Generate Password to generate a reset password link for the user to login.

    9. Click Copy Reset Link.

    Once this is complete, you can share the link with the user to access their FortiCloud account. They will have access to the FortiSOC portal as defined in the permission profile.

    Previous
    Next

    User management

    User management

    User access to FortiSOC is managed within the FortiCloud Identity & Access Management (IAM) portal. In this portal, you can create IAM users and assign permission profiles to define portal access.

    Permission profiles allow you to explicitly enable or disable access to portals, including FortiSOC, and grant portal-specific permissions for the enabled portals. In addition, you can further configure Role-Based Access Controls (RBAC) within the FortiSOC GUI. For more information, see Role-based access control (RBAC).

    FortiCloud also offers an IAM feature that enables you to create and manage external IdP roles that allow users from your organization to log in to the FortiSOC portal using the user credentials with your organization's ID provider. External IdP users are authenticated by your organization's ID provider. After the user is authenticated, they can access FortiSOC based on their role. For more information, see Authentication and single sign-on (SSO).

    To create a permission profile:

    Before you can create IAM users or external IdP roles, you must create the permission profiles that will be assigned to them.

    1. Login to https://support.fortinet.com/.

    2. To access the IAM portal, go to Services > IAM.

    3. In the IAM portal, go to Permission Profiles.

    4. Click Add New.

      The New Portal Permission Profile page displays.

    5. In the Basic Info section, enter the permission profile name and select the status.

    6. Click Add Portal.

      A list of available portals displays.

    7. Select FortiSOC and any other required portals, and the click Add.

      The selected portals are displayed in cards.

    8. Define the portal permissions in the FortiSOC card.

      The permissions define the users' Roles within FortiSOC.

      • Admin: Full Admin role

      • Read / Write: Analyst role

      • Read Only: Read-Only Admin role

      • Custom: Assign the user to a predefined or custom role in the FortiSOC GUI.

      For more information about those roles, see Role-based access control (RBAC).

    9. Click Save.

      This permission profile can now be assigned to users. If needed, create another permission profile with a different level of access to FortiSOC (or other portals).

      For information on creating permission profiles, see the FortiCloud Account Services Identity & Access Management documentation.

    To create an IAM user:

    1. Login to https://support.fortinet.com/.

    2. To access the IAM portal, go to Services > IAM.

    3. In the IAM portal, go to Users.

    4. Click Add New > IAM User.

    5. In the User Details page, enter the user details, and then click Next.

    6. In the User Permissions page, assign the IAM user the appropriate permission scope and profile, and then click Next.

    7. In the Confirmation page, click Confirm to complete the user creation process.

    8. In the Successful User Registration page, click Generate Password to generate a reset password link for the user to login.

    9. Click Copy Reset Link.

    Once this is complete, you can share the link with the user to access their FortiCloud account. They will have access to the FortiSOC portal as defined in the permission profile.

    Previous
    Next