Fortinet black logo

FAQs

FAQs

FAQs

FortiTrust Identity and FortiAuthenticator Cloud

I currently have a FortiAuthenticator license. Can I switch to FortiTrust Identity, and what will be the impact on my current configuration?

You can purchase a FortiTrust Identity license and migrate your existing FortiAuthenticator configuration to the new FortiTrust Identity (FortiAuthenticator in FortiCloud) using available Dev tools.

Has FortiAuthenticator been renamed to FortiTrust Identity?

No, FortiAuthenticator remains in the product line and is applicable for customers who prefer the on-prem deployment option. FortiTrust Identity is a cloud-based service that includes both FortiAuthenticator and FortiToken capabilities.

Is FortiTrust Identity based on the FortiAuthenticator engine?

Yes, it is. FortiTrust Identity integrates FortiAuthenticator and FortiToken capabilities into a cloud-based subscription service offering.

Is FortiTrust Identity a FortiAuthenticator hosted in FortiCloud with licensed user-band pricing?

Almost correct. FortiTrust Identity is more than FortiAuthenticator hosted in the FortiCloud. FortiTrust Identity is the integration of FortiAuthenticator(in the cloud) and FortiToken Cloud combined to provide Identity as a Service (IDaaS).

What is the difference between FortiAuthenticator and FortiTrust Identity? Does FortiTrust Identity require FortiClient or FortiCloud Premium?

FortiAuthenticator is an on-prem solution for authentication and SSO. FortiTrust Identity is a cloud-based solution for authentications, SSO and MFA. You can think of FortiTrust Identity as a combination of FortiAuthenticator Cloud and FortiToken Cloud.

Note: There is no FortiAuthenticator Cloud product yet.

FortiTrust Identity is a cloud-based IAM solution with user-based SKUs. Is there an on-prem option for user-based SKUs?

FortiTrust solutions are all cloud-focused. FortiTrust Identity is a cloud-only IAM offering with user-based SKUs. The on-prem IAM offering would be FortiAuthenticator and FortiToken (or FortiToken Cloud) with FortiAuthenticator perpetual licensing.

Can FortiAuthenticator Windows Agent be used with FortiTrust Identity?

Yes, however, offline tokens are not supported. Offline tokens support will be added in a future version.

Is FortiAuthenticator Cloud multi-tenant?

No, only a single instance is provided per FortiCloud account.

FortiTrust Identity

On the FortiTrust Identity, how do you grow if needed, assuming in the same price band?

Yes, you can enable customers to expand in the same price band.

How do I co-term FortiTrust Identity subscription licenses?

You can contact the Fortinet Sales Representative or reach out to the Fortinet renewal team via renewals@fortinet.com.

Can IDaaS be used for application authentication from across apps in public clouds to make sure that the application is authenticated before being able to perform its functions?

For users to gain access to SaaS applications, they must get authenticated by an Identity Provider (IdP) such as FortiTrust Identity (for customers who prefer the cloud deployment option) or FortiAuthenticator (for customers who prefer the on-prem deployment option). Most (or all) of these SaaS applications already support either SAML or OIDC web authentication protocol, which is used to establish security handshakes/exchanges with the IdP during the user authentication process.

Is FortiTrust Identity multi-tenant?

No, while FortiToken Cloud is a multi-tenant solution; with a FortiTrust Identity license, only a single FortiAuthenticator Cloud instance is provided.

FortiTrust Identity and FortiToken Cloud

I currently have points-based FortiToken Cloud licenses. Can I switch to FortiTrust Identity?

You can activate it and consume all the points before switching to FortiTrust Identity or contact Fortinet Support to see if they can replace your unused credit-based license with a FortiTrust Identity license.

I currently have time-based FortiToken Cloud licenses. Can I switch to FortiTrust Identity?

Yes, you can simultaneously have FortiToken Cloud and FortiTrust Identity licenses.

What will happen to my existing users configured in FortiToken Cloud if I switch to FortiTrust Identity?

Your existing users will not be impacted, and they will continue to use the MFA service without any interruptions. You will need to purchase and activate your FortiTrust license within 30 days of your existing license expiration.

Do I need to purchase FortiToken licenses along with FortiTrust Identity to configure MFA?

The FortiTrust Identity license includes tokens for the FortiToken mobile application. User-friendly push technology simplifies the end user authentication experience by requiring a swipe or click. If you prefer hardware tokens, you must purchase them separately.

Previous
Next

FAQs

FortiTrust Identity and FortiAuthenticator Cloud

I currently have a FortiAuthenticator license. Can I switch to FortiTrust Identity, and what will be the impact on my current configuration?

You can purchase a FortiTrust Identity license and migrate your existing FortiAuthenticator configuration to the new FortiTrust Identity (FortiAuthenticator in FortiCloud) using available Dev tools.

Has FortiAuthenticator been renamed to FortiTrust Identity?

No, FortiAuthenticator remains in the product line and is applicable for customers who prefer the on-prem deployment option. FortiTrust Identity is a cloud-based service that includes both FortiAuthenticator and FortiToken capabilities.

Is FortiTrust Identity based on the FortiAuthenticator engine?

Yes, it is. FortiTrust Identity integrates FortiAuthenticator and FortiToken capabilities into a cloud-based subscription service offering.

Is FortiTrust Identity a FortiAuthenticator hosted in FortiCloud with licensed user-band pricing?

Almost correct. FortiTrust Identity is more than FortiAuthenticator hosted in the FortiCloud. FortiTrust Identity is the integration of FortiAuthenticator(in the cloud) and FortiToken Cloud combined to provide Identity as a Service (IDaaS).

What is the difference between FortiAuthenticator and FortiTrust Identity? Does FortiTrust Identity require FortiClient or FortiCloud Premium?

FortiAuthenticator is an on-prem solution for authentication and SSO. FortiTrust Identity is a cloud-based solution for authentications, SSO and MFA. You can think of FortiTrust Identity as a combination of FortiAuthenticator Cloud and FortiToken Cloud.

Note: There is no FortiAuthenticator Cloud product yet.

FortiTrust Identity is a cloud-based IAM solution with user-based SKUs. Is there an on-prem option for user-based SKUs?

FortiTrust solutions are all cloud-focused. FortiTrust Identity is a cloud-only IAM offering with user-based SKUs. The on-prem IAM offering would be FortiAuthenticator and FortiToken (or FortiToken Cloud) with FortiAuthenticator perpetual licensing.

Can FortiAuthenticator Windows Agent be used with FortiTrust Identity?

Yes, however, offline tokens are not supported. Offline tokens support will be added in a future version.

Is FortiAuthenticator Cloud multi-tenant?

No, only a single instance is provided per FortiCloud account.

FortiTrust Identity

On the FortiTrust Identity, how do you grow if needed, assuming in the same price band?

Yes, you can enable customers to expand in the same price band.

How do I co-term FortiTrust Identity subscription licenses?

You can contact the Fortinet Sales Representative or reach out to the Fortinet renewal team via renewals@fortinet.com.

Can IDaaS be used for application authentication from across apps in public clouds to make sure that the application is authenticated before being able to perform its functions?

For users to gain access to SaaS applications, they must get authenticated by an Identity Provider (IdP) such as FortiTrust Identity (for customers who prefer the cloud deployment option) or FortiAuthenticator (for customers who prefer the on-prem deployment option). Most (or all) of these SaaS applications already support either SAML or OIDC web authentication protocol, which is used to establish security handshakes/exchanges with the IdP during the user authentication process.

Is FortiTrust Identity multi-tenant?

No, while FortiToken Cloud is a multi-tenant solution; with a FortiTrust Identity license, only a single FortiAuthenticator Cloud instance is provided.

FortiTrust Identity and FortiToken Cloud

I currently have points-based FortiToken Cloud licenses. Can I switch to FortiTrust Identity?

You can activate it and consume all the points before switching to FortiTrust Identity or contact Fortinet Support to see if they can replace your unused credit-based license with a FortiTrust Identity license.

I currently have time-based FortiToken Cloud licenses. Can I switch to FortiTrust Identity?

Yes, you can simultaneously have FortiToken Cloud and FortiTrust Identity licenses.

What will happen to my existing users configured in FortiToken Cloud if I switch to FortiTrust Identity?

Your existing users will not be impacted, and they will continue to use the MFA service without any interruptions. You will need to purchase and activate your FortiTrust license within 30 days of your existing license expiration.

Do I need to purchase FortiToken licenses along with FortiTrust Identity to configure MFA?

The FortiTrust Identity license includes tokens for the FortiToken mobile application. User-friendly push technology simplifies the end user authentication experience by requiring a swipe or click. If you prefer hardware tokens, you must purchase them separately.

Previous
Next