Fortinet Document Library

Version:

Version:

Version:

Version:


Table of Contents

Download PDF
Copy Link

Token Activation

The FortiToken Mobile application allows you to install Fortinet tokens that are issued from FortiGate, FortiAuthenticator, Fortitoken-Cloud, and third party tokens such as tokens for two step verification used by Dropbox, Google, Amazon and Microsoft.

FortiToken Activation Email/SMS Message

After your system administrator assigns your token, you will receive a notification with an Activation Code and an activation expiration date by which you must activate your token. Depending on which option your system administrator has chosen, you will receive the activation notification either by SMS or email. If you do not activate your token by the indicated expiration date, you must contact your system admin so that your token can be re-assigned for activation.

The activation notification looks like this for tokens issued from FortiGate, FortiAuthenticator, and Fortitoken-Cloud.

Welcome to FortiToken Mobile - One-Time-Password software token. 
Please visit http://docs.fortinet.com/fortitoken/ for instructions on how to install your FortiToken Mobile application on your device and to activate your token. 
Activation Code for FortiToken Cloud Mobile FTC5QTL95L6FIOS2, which you will need to enter on your device later, is xxxxxxxxxxxxxxxx
Alternatively, use the attached QR code image to activate your token with the "Scan Barcode" feature of the app. 
You must activate your token by: Monday December 14, 2020 20:39 UTC(+0000), after which you will need to contact your system administrator to re-enable your activation. 

Activating Your Token

You can activate your token on FortiToken Mobile IOS, Android, and Windows once you receive an Activation Code via email or sms.

Before you begin, make sure your device is set to the correct time and that you have Internet access.

Tokens have enforced-pin, required (optional), and not-required pin policy on FortiAuthenticator and FortiToken-cloud. Pins need to be set before activating tokens for two cases:

  1. Enforced-pin policy is selected by system administrator
  2. If required (optional) pin policy is selected by system administrator and no mobile device pin is set.

Once you have created and confirmed your PIN, you can add your tokens by using the Activation Code received via email or sms. You can either enter the Activation Code manually, or you can select Scan Barcode if your device supports it.

Scan Barcode

If your device supports QR code recognition, you can simply press Scan Barcode from Fortitoken Mobile home screen and point your device camera at the QR code attached to the activation email.

Note: QR code images are not provided using the SMS activation message, only with the email activation message.

Manual Activation

  1. Press Enter Manually, then select the type of token from the Enter Manually list.
    1. For FortiToken, select Fortinet.
    2. For 3rd-party token, select Other.
  2. Enter a name for this token and the Activation Code exactly as it appears in your Activation message, either by typing or copying & pasting.
    Note: FortiToken Mobile will automatically convert lower case to upper case letters so there is no need to use the Shift key when typing.
  3. Click Done.
  4. FTM will communicate with the Secure FTM Provisioning Server to activate your token. Once activated, you will see the OTP displayed on token list view.

Third Party Token Activation

Many cloud and online applications offer the option to turn on two step verification (aka two factor authentication) for added security. FortiToken Mobile provides a simple means to install tokens from cloud services providers, including Dropbox, Google, Amazon and Microsoft. Follow the provider’s instructions for turning on two step verification, and you will get to a web page displaying an activation code with options to scan a QR code or enter the code manually if you cannot scan the bar code.

If you use the option to Scan Barcod and no Token Name is entered, the Token Name will default to what is encoded in the QR code image for the account name. Token Name can be edited.

FortiToken Mobile allows you to choose a specific third party provider. If your provider is not listed, you can add a token if the activation code is presented in Base32 format.

Push Notification:

Other than OTP, push notification is an alternative for remote access login.

Push notification is supported on FTM IOS and FTM Android (FTM Windows doesn’t support push)

FTM app can receive push notifications when mobile device is locked or on home screen as well as when FTM app is open. FTM application user can choose to approve or deny the login request. Once action is taken on the login request, the message ‘Request sent successfully’ will display and dismisses within 1.5 seconds.

Token Activation

The FortiToken Mobile application allows you to install Fortinet tokens that are issued from FortiGate, FortiAuthenticator, Fortitoken-Cloud, and third party tokens such as tokens for two step verification used by Dropbox, Google, Amazon and Microsoft.

FortiToken Activation Email/SMS Message

After your system administrator assigns your token, you will receive a notification with an Activation Code and an activation expiration date by which you must activate your token. Depending on which option your system administrator has chosen, you will receive the activation notification either by SMS or email. If you do not activate your token by the indicated expiration date, you must contact your system admin so that your token can be re-assigned for activation.

The activation notification looks like this for tokens issued from FortiGate, FortiAuthenticator, and Fortitoken-Cloud.

Welcome to FortiToken Mobile - One-Time-Password software token. 
Please visit http://docs.fortinet.com/fortitoken/ for instructions on how to install your FortiToken Mobile application on your device and to activate your token. 
Activation Code for FortiToken Cloud Mobile FTC5QTL95L6FIOS2, which you will need to enter on your device later, is xxxxxxxxxxxxxxxx
Alternatively, use the attached QR code image to activate your token with the "Scan Barcode" feature of the app. 
You must activate your token by: Monday December 14, 2020 20:39 UTC(+0000), after which you will need to contact your system administrator to re-enable your activation. 

Activating Your Token

You can activate your token on FortiToken Mobile IOS, Android, and Windows once you receive an Activation Code via email or sms.

Before you begin, make sure your device is set to the correct time and that you have Internet access.

Tokens have enforced-pin, required (optional), and not-required pin policy on FortiAuthenticator and FortiToken-cloud. Pins need to be set before activating tokens for two cases:

  1. Enforced-pin policy is selected by system administrator
  2. If required (optional) pin policy is selected by system administrator and no mobile device pin is set.

Once you have created and confirmed your PIN, you can add your tokens by using the Activation Code received via email or sms. You can either enter the Activation Code manually, or you can select Scan Barcode if your device supports it.

Scan Barcode

If your device supports QR code recognition, you can simply press Scan Barcode from Fortitoken Mobile home screen and point your device camera at the QR code attached to the activation email.

Note: QR code images are not provided using the SMS activation message, only with the email activation message.

Manual Activation

  1. Press Enter Manually, then select the type of token from the Enter Manually list.
    1. For FortiToken, select Fortinet.
    2. For 3rd-party token, select Other.
  2. Enter a name for this token and the Activation Code exactly as it appears in your Activation message, either by typing or copying & pasting.
    Note: FortiToken Mobile will automatically convert lower case to upper case letters so there is no need to use the Shift key when typing.
  3. Click Done.
  4. FTM will communicate with the Secure FTM Provisioning Server to activate your token. Once activated, you will see the OTP displayed on token list view.

Third Party Token Activation

Many cloud and online applications offer the option to turn on two step verification (aka two factor authentication) for added security. FortiToken Mobile provides a simple means to install tokens from cloud services providers, including Dropbox, Google, Amazon and Microsoft. Follow the provider’s instructions for turning on two step verification, and you will get to a web page displaying an activation code with options to scan a QR code or enter the code manually if you cannot scan the bar code.

If you use the option to Scan Barcod and no Token Name is entered, the Token Name will default to what is encoded in the QR code image for the account name. Token Name can be edited.

FortiToken Mobile allows you to choose a specific third party provider. If your provider is not listed, you can add a token if the activation code is presented in Base32 format.

Push Notification:

Other than OTP, push notification is an alternative for remote access login.

Push notification is supported on FTM IOS and FTM Android (FTM Windows doesn’t support push)

FTM app can receive push notifications when mobile device is locked or on home screen as well as when FTM app is open. FTM application user can choose to approve or deny the login request. Once action is taken on the login request, the message ‘Request sent successfully’ will display and dismisses within 1.5 seconds.