Description
This article explains how to configure FortiAuthenticator as IdP and FortiAnalyzer as SP.
Scope
FortiAuthenticator as IdP and FortiAnalyzer as SP.
Solution
FortiAuthenticator settings:
To configure SAML Portal settings, go to Authentication -> SAML IdP.
Under the general settings, configure the following options:
- Enter the FQDN of the configured device from the system dashboard.
- Select the Realm & Filter the configured user group.
- Select IdP certificate.
Under the Service Providers:
- Configure the SP parameter & Attributes.
FortiAnalyzer settings:
To configure the SP, go to Admin -> SAML SSO -> SP.
The admin user must be created on FortiAnalyzer.
Testing:
- Go to FortiAnalyzer and log in through SSO.
- The login will redirect to the FortiAuthenticator.
- After entering the correct credentials, it will redirect back to the FortiAnalyzer.
Note:
In the newer version of FortiAuthenticator, IdP metadata can be downloaded at the bottom of the SP configuration page:
Useful links:
Fortinet documentation:
https://help.fortinet.com/fauth/5-2/Content/Admin%20Guides/5_2%20Admin%20Guide/400/411_SAML_IdP.htm
https://docs.fortinet.com/document/fortiauthenticator/6.0.0/administration-guide/360613/whats-new-in...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.