With Single Sign-On Mode enabled, users will be redirected to FortiGate's Single Sign-On Provider page when they click Single Sign-On on FortiWeb's login page. They will be required to log in with FortiGate's administrator account.
Use this command to create a SSO admin account and grant permissions for this account.
For how to configure SSO with FortiGate, see Fabric Connector: Single Sign On with FortiGate.
To use this command, your administrator account’s access control profile must have either
rw permission to the
admingrp area. For details, see Permissions.
config system sso-admin
set access-profile <profile name>
set domains <adom name>
Enter a name of the administrator account, such as
Do not use spaces or special characters except the ‘at’ symbol (
To display the list of existing accounts, enter:
Note: This is the user name that the administrator must provide when logging in to the CLI or web UI.
Enter the name of an access profile that gives the permissions for this administrator account. See also system accprofile. The maximum length is 63 characters.
You can select prof_admin, a special access profile used by the
To display the list of existing profiles, enter:
Enter the name of an administrative domain (ADOM) to assign and restrict this administrative account to it.