Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 7.2.4 CLI Reference
    7.2.4
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    user oauth-user server

    user oauth-user server

    FortiWeb supports front-end authentication with third party authentication servers such as Google and Facebook.

    Use this command to add the third party authentication server information.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the authusergrp area. For details, see Permissions.

    Syntax

    config user oauth-user server

    edit <server_name>

    set mode {client | resource-server | both}

    set scope <string>

    set client-id <string>

    set client-secret <passwd>

    set redirect-endpoint <string>

    set authz-req <datasource>

    set token-req <datasource>

    set validate-req <datasource>

    set validate-frequency {session | transaction | interval}

    set validate-interval <integer>

    set userinfo-req <datasource>

    next

    end

    Variable Description Default
    mode {client | resource-server | both} Select whether FortiWeb works as an authorization client or a resource server, or both. No default
    scope <string> Enter the scope field for OAuth. No default

    oidc {enable | disable}

    Enable to use OIDC authentication.

    disable
    client-id <string> A client credential. Assigned by authorization server. urlencoded
    client-secret <passwd> A client credential. Assigned by authorization server. No default
    redirect-endpoint <string> Redirection URL back to FortiWeb.

    disable
    authz-req <datasource> The authorization request created in config user oauth-user request.

    No default
    token-req <datasource> The token request created in config user oauth-user request.

    No default
    refresh-req <datasource>

    The refresh request created in config user oauth-user request.

    No default
    validate-req <datasource>

    The valid request created in config user oauth-user request.

    No default
    validate-frequency {session | transaction | interval} Whether to validate the request per session, transaction, or every several second.

    No default

    validate-interval <integer>

    If the validate-frequency is interval, then enter the interval time.

    No default

    userinfo-req <datasource>

    The user info request created in config user oauth-user request.

    No default

    Related topics

    Previous
    Next

    user oauth-user server

    user oauth-user server

    FortiWeb supports front-end authentication with third party authentication servers such as Google and Facebook.

    Use this command to add the third party authentication server information.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the authusergrp area. For details, see Permissions.

    Syntax

    config user oauth-user server

    edit <server_name>

    set mode {client | resource-server | both}

    set scope <string>

    set client-id <string>

    set client-secret <passwd>

    set redirect-endpoint <string>

    set authz-req <datasource>

    set token-req <datasource>

    set validate-req <datasource>

    set validate-frequency {session | transaction | interval}

    set validate-interval <integer>

    set userinfo-req <datasource>

    next

    end

    Variable Description Default
    mode {client | resource-server | both} Select whether FortiWeb works as an authorization client or a resource server, or both. No default
    scope <string> Enter the scope field for OAuth. No default

    oidc {enable | disable}

    Enable to use OIDC authentication.

    disable
    client-id <string> A client credential. Assigned by authorization server. urlencoded
    client-secret <passwd> A client credential. Assigned by authorization server. No default
    redirect-endpoint <string> Redirection URL back to FortiWeb.

    disable
    authz-req <datasource> The authorization request created in config user oauth-user request.

    No default
    token-req <datasource> The token request created in config user oauth-user request.

    No default
    refresh-req <datasource>

    The refresh request created in config user oauth-user request.

    No default
    validate-req <datasource>

    The valid request created in config user oauth-user request.

    No default
    validate-frequency {session | transaction | interval} Whether to validate the request per session, transaction, or every several second.

    No default

    validate-interval <integer>

    If the validate-frequency is interval, then enter the interval time.

    No default

    userinfo-req <datasource>

    The user info request created in config user oauth-user request.

    No default

    Related topics

    Previous
    Next