Fortinet black logo

Introduction

Copy Link
Copy Doc ID 244b21d6-bbc7-11ee-8673-fa163e15d75b:941474
Download PDF

Introduction

FortiTrust Identity is an Identity and Access Management as a Service (IDaaS) cloud service offered by Fortinet. FortiAuthenticator Cloud and FortiToken Cloud are available as a bundled service in FortiTrust Identity.

FortiTrust Identity delivers the following features using FortiAuthenticator Cloud:

  • Authentication: FortiTrust Identity includes passwordless Fast IDentity Online (FIDO), OAuth2 Authorization, OpenID Connect (OIDC), and Security Assertion Markup Language (SAML) authentication methods.

  • User Identification: FortiTrust Identity can identify users through multiple data sources, including Active Directory (AD), desktop client, guest portal logon, RADIUS accounting, Kerberos, and a Representational State Transfer (REST) API. It can then communicate this information to FortiGate or FortiMail units for use in identity based policies.

  • Certificate Management: FortiTrust Identity can create and sign digital certificates for use.

  • Integration: FortiTrust Identity can integrate with third-party RADIUS, LDAP, and SAML authentication systems, allowing you to reuse existing information sources. The REST API can also be used to integrate with external provisioning systems.

FortiTrust Identity delivers the following features using FortiToken Cloud:

  • Adaptive Authentication: FortiTrust Identity provides adaptive authentication where more information regarding a login attempt, including time of the day, geo-location, and so- on, is used to evaluate the risk of a login attempt. FortiTrust Identity allows end-users to bypass OTP verification of MFA under certain “safer” conditions and denies such attempts under certain otherwise “riskier” conditions.

  • Multi-Factor Authentication: FortiTrust Identity can act as a multi-factor authentication client using FortiToken Cloud.

    More information

    End-customers use FortiAuthenticator Cloud the same way as the stand-alone FortiAuthenticator. As a result, end-customers can use the FortiAuthenticator Admin Guide for information about using either the stand-alone FortiAuthenticator or FortiAuthenticator Cloud. For more information, see the FortiAuthenticator Admin Guide on the Fortinet Docs Library.

    For information on the limitations of FortiAuthenticator Cloud, see the FortiTrust Identity Release Notes on the Fortinet Docs Library.

Introduction

FortiTrust Identity is an Identity and Access Management as a Service (IDaaS) cloud service offered by Fortinet. FortiAuthenticator Cloud and FortiToken Cloud are available as a bundled service in FortiTrust Identity.

FortiTrust Identity delivers the following features using FortiAuthenticator Cloud:

  • Authentication: FortiTrust Identity includes passwordless Fast IDentity Online (FIDO), OAuth2 Authorization, OpenID Connect (OIDC), and Security Assertion Markup Language (SAML) authentication methods.

  • User Identification: FortiTrust Identity can identify users through multiple data sources, including Active Directory (AD), desktop client, guest portal logon, RADIUS accounting, Kerberos, and a Representational State Transfer (REST) API. It can then communicate this information to FortiGate or FortiMail units for use in identity based policies.

  • Certificate Management: FortiTrust Identity can create and sign digital certificates for use.

  • Integration: FortiTrust Identity can integrate with third-party RADIUS, LDAP, and SAML authentication systems, allowing you to reuse existing information sources. The REST API can also be used to integrate with external provisioning systems.

FortiTrust Identity delivers the following features using FortiToken Cloud:

  • Adaptive Authentication: FortiTrust Identity provides adaptive authentication where more information regarding a login attempt, including time of the day, geo-location, and so- on, is used to evaluate the risk of a login attempt. FortiTrust Identity allows end-users to bypass OTP verification of MFA under certain “safer” conditions and denies such attempts under certain otherwise “riskier” conditions.

  • Multi-Factor Authentication: FortiTrust Identity can act as a multi-factor authentication client using FortiToken Cloud.

    More information

    End-customers use FortiAuthenticator Cloud the same way as the stand-alone FortiAuthenticator. As a result, end-customers can use the FortiAuthenticator Admin Guide for information about using either the stand-alone FortiAuthenticator or FortiAuthenticator Cloud. For more information, see the FortiAuthenticator Admin Guide on the Fortinet Docs Library.

    For information on the limitations of FortiAuthenticator Cloud, see the FortiTrust Identity Release Notes on the Fortinet Docs Library.