FortiOS comes with a
"config system global" command which enables the FortiGate admin to enable or disable FTC service on FortiGate. If FTC is disabled, all APIs to FTC will be disabled, except the
"show" command under
"execute fortitoken-cloud ?". This provides a way to control the communication between the whole FortiGate device so that individual auth clients (VDOMs) will not be able to set up their connections or communicate with the remote FTC server.
By default, FTC is enabled in FortiOS. If it is disabled, you will not have the option of FTC service as an MFA method when configuring a user.
config system global set alias "FG101ETK18002806" set hostname "FG101ETK18002806" set fortitoken-cloud enable set switch-controller enable set timezone 04 end
This global configuration does not invoke any FortiGate-FortiToken Cloud API.