Fortinet black logo

FortiGuest SAML Integration

Home FortiGuest 1.2.0 FortiGuest SAML Integration
1.2.0
1.2.0

Introduction

Introduction

FortiGuest is a complete provisioning, management, and reporting system that provides network access for guests and visitors. It works along side wireless controllers (FortiGate), LAN switches, NAC systems, firewalls, and other network enforcement devices that provide captive portal and enforcement points for user (remote) access.

Security Assertion Markup Language (SAML) is an XML-based standard for federated identity management. It allows users to authenticate to applications using their existing credentials from a trusted identity provider (IDP).

FortiGuest supports SAML integration for two purposes:

  • Authenticating users to the Captive portal: Users can authenticate to the Captive portal using their SAML credentials from a trusted IDP.

  • Allowing admin users and sponsors to log in to the admin portal: Admin users and sponsors can use their SAML credentials from a trusted IDP to log in to the FortiGuest admin UI.

This eliminates the need for users and admin users/sponsors to maintain separate credentials for authentication.

FortiGuest supports two types of SAML servers:

  • Microsoft Active Directory Federation Services (AD FS): FortiGuest can be integrated with Microsoft AD FS to authenticate users and admin users/sponsors.

  • Generic SAML server: FortiGuest can be integrated with any SAML server that supports the SAML 2.0 protocol.

This document provides two detailed examples of SAML integration with FortiGuest:

While the examples provided focus on using Microsoft AD FS for authenticating users to captive portal and FortiAuthenticator for authenticating admin/sponsor users to FortiGuest UI, any SAML server that supports SAML 2.0 protocol including Mircrosoft AD FS and FortiAuthenticator can be configured for both the purposes.

For more information, see FortiGuest Documentation.
Previous
Next

Introduction

FortiGuest is a complete provisioning, management, and reporting system that provides network access for guests and visitors. It works along side wireless controllers (FortiGate), LAN switches, NAC systems, firewalls, and other network enforcement devices that provide captive portal and enforcement points for user (remote) access.

Security Assertion Markup Language (SAML) is an XML-based standard for federated identity management. It allows users to authenticate to applications using their existing credentials from a trusted identity provider (IDP).

FortiGuest supports SAML integration for two purposes:

  • Authenticating users to the Captive portal: Users can authenticate to the Captive portal using their SAML credentials from a trusted IDP.

  • Allowing admin users and sponsors to log in to the admin portal: Admin users and sponsors can use their SAML credentials from a trusted IDP to log in to the FortiGuest admin UI.

This eliminates the need for users and admin users/sponsors to maintain separate credentials for authentication.

FortiGuest supports two types of SAML servers:

  • Microsoft Active Directory Federation Services (AD FS): FortiGuest can be integrated with Microsoft AD FS to authenticate users and admin users/sponsors.

  • Generic SAML server: FortiGuest can be integrated with any SAML server that supports the SAML 2.0 protocol.

This document provides two detailed examples of SAML integration with FortiGuest:

While the examples provided focus on using Microsoft AD FS for authenticating users to captive portal and FortiAuthenticator for authenticating admin/sponsor users to FortiGuest UI, any SAML server that supports SAML 2.0 protocol including Mircrosoft AD FS and FortiAuthenticator can be configured for both the purposes.

For more information, see FortiGuest Documentation.
Previous
Next