Hi,
I would like to know if the only way to use SAML to login Fortigate appliance (or VM) is using FortiAuthenticator ?
So SAML on fortigate is only for Fabric and if we want to use SAML from our IdP we need to use FortiAuthenticator and use FSSO between FortiAuthenticator and Fortigate Root?
We are agree that in this case FortiAuthenticator allow to use any IdP? I saw samples in docs with Okta/ Google G Suite / Centrify
http://docs.fortinet.com/...saml-sso-configuration
"You can select Custom when you want to change the default settings for IdP single-sign-on URL and IdP single logout URL"
Following the documentation link above the only things what we can change is the "sign-on" and "logout" URLs but in the appliance we can change IdP entity ID too.
Tanks a lot for any clue/help
wrong place ... sorry.
How can i move it ?
Any word on this. I do not have a FortiAuthenticator. This functionality should be built into FortiGate. Only super large organizations should need a separate authentication appliance. I would like to use a third part IDP such as Google or Azure to authenticate users to my Fortigate.
I'm using a 500D with 6.2.1
Is this possible yet?
Thanks for answered.
This is for a very large organization but for a small entity of this. The IdP is not a FortiAuthenticator so we can't use this to handle fortigates and we have not authorization to use external (third party) IdP... the goal is to use actual IdP.
None information about it and documentation is poor...
Anyway thanks for help.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.