Fortinet black logo

Admin guide

Home FortiToken Cloud Admin guide

Split user quota to different realms

Copy Link
Copy Doc ID 1843b2fc-5b95-11ed-96f0-fa163e15d75b:679928
Download PDF

Split user quota to different realms

FortiToken Cloud enables you to split out user quota to sub-accounts. Sub-accounts can also use functions like MFA, bypass, block, and realm configuration. This is the so-called “Managed Security Service Provider” capability. The host account holder can create sub-accounts and assign a user quota to those sub-accounts. Each sub-account can create its own password and has its own private login portal. The account holder is the security service provider and can manage all of the sub-accounts on the FortiToken Cloud portal.

To create a sub-account:

  1. Log in to ftc.fortinet.com using the host account holder's credential.

  2. Click the email username in the top-right corner, and select “My Account”.

  3. The browser will be navigated to support.fortinet.com automatically.

  4. Click “Manage User” in the left sidebar. This opens the sub-users list.

  5. Click the Add user button in the top-right corner of the sub-users list.

  6. Enter the sub-user client information, including “User Name”, “Email (Account ID)”, and “Telephone”. Additionally, enter some details, such as “purchased 10 user quotas”, in the Description field.

  7. Select “Limit Access”, which allows you (the host account holder) to assign specific devices to this sub-user, like a FortiGate for creating users.

  8. Click Save.

  9. The sub-user clients will receive an email, asking them to create their own passwords for logging into ftc.fortinet.com.

  10. After sub-users are created, the host account holder can assign resources to sub-users, including user quotas, realms, and auth clients. For more details of assigning resources, see Administrators.

The following steps show how to use this feature:

  1. The host account holder creates a sub-user “subuser1” by using the provided client’s email. Clients can use their own email and password to log into ftc.fortinet.com, and can see the user quota assigned to them by the host account holder.

  2. The host account holder can assign a user quota to a client in the Realms page.

    1. Navigate to the Realms page, and click Add Realm to add a new realm.

    2. Mouse over the newly created realm, select Edit Realm in the tool bar on the right.

    3. Assign a user quota by entering a number or dragging the bubble point, and click OK.

  3. The host account holder can assign the realms to a client in the Administrator page.

    1. Navigate to the Administrator page and click Add Admin Group.

    2. Edit the admin group by clicking the new group name.

    3. Assign the sub-account in Admins in Group and Realm to this group in Managed Realms which is created in Step 2, and click Close

  4. The host account holder can assign auth client to the client by selecting Auth Clients>FortiProducts.

  5. The client can see the users created by the host on the assigned FortiProducts, for example, FortiGate.

Previous
Next

Split user quota to different realms

FortiToken Cloud enables you to split out user quota to sub-accounts. Sub-accounts can also use functions like MFA, bypass, block, and realm configuration. This is the so-called “Managed Security Service Provider” capability. The host account holder can create sub-accounts and assign a user quota to those sub-accounts. Each sub-account can create its own password and has its own private login portal. The account holder is the security service provider and can manage all of the sub-accounts on the FortiToken Cloud portal.

To create a sub-account:

  1. Log in to ftc.fortinet.com using the host account holder's credential.

  2. Click the email username in the top-right corner, and select “My Account”.

  3. The browser will be navigated to support.fortinet.com automatically.

  4. Click “Manage User” in the left sidebar. This opens the sub-users list.

  5. Click the Add user button in the top-right corner of the sub-users list.

  6. Enter the sub-user client information, including “User Name”, “Email (Account ID)”, and “Telephone”. Additionally, enter some details, such as “purchased 10 user quotas”, in the Description field.

  7. Select “Limit Access”, which allows you (the host account holder) to assign specific devices to this sub-user, like a FortiGate for creating users.

  8. Click Save.

  9. The sub-user clients will receive an email, asking them to create their own passwords for logging into ftc.fortinet.com.

  10. After sub-users are created, the host account holder can assign resources to sub-users, including user quotas, realms, and auth clients. For more details of assigning resources, see Administrators.

The following steps show how to use this feature:

  1. The host account holder creates a sub-user “subuser1” by using the provided client’s email. Clients can use their own email and password to log into ftc.fortinet.com, and can see the user quota assigned to them by the host account holder.

  2. The host account holder can assign a user quota to a client in the Realms page.

    1. Navigate to the Realms page, and click Add Realm to add a new realm.

    2. Mouse over the newly created realm, select Edit Realm in the tool bar on the right.

    3. Assign a user quota by entering a number or dragging the bubble point, and click OK.

  3. The host account holder can assign the realms to a client in the Administrator page.

    1. Navigate to the Administrator page and click Add Admin Group.

    2. Edit the admin group by clicking the new group name.

    3. Assign the sub-account in Admins in Group and Realm to this group in Managed Realms which is created in Step 2, and click Close

  4. The host account holder can assign auth client to the client by selecting Auth Clients>FortiProducts.

  5. The client can see the users created by the host on the assigned FortiProducts, for example, FortiGate.

Previous
Next