Enhance your FortiGate security with SSO integration

October 3, 2024

Single Sign-On (SSO) simplifies user authentication, allowing users to access multiple systems with one set of credentials. This guide will demonstrate how to integrate SSO into FortiGate using Security Fabric (SAML) with Identity, an identity management solution. This guide is suitable for IT administrators and tech-savvy individuals.

Why SSO with FortiGate?

SSO in FortiGate offers benefits such as:

  • Streamlined Access: Single login for multiple applications.
  • Improved Security: Centralized authentication supports multi-factor authentication (MFA), enhancing security.
  • Simplified Management: Easier user access control from a single platform.

Prerequisites

Before you start, ensure you have:

  • An active Identity administrator account.
  • FortiGate with administrative access.
  • A basic understanding of SAML.

Step 1: Access the Identity Provider Server Profile

  1. Log in to the Identity Admin Console with admin credentials.
  2. Navigate to SAML Configuration: Go to "SAML IdP Profile" under SAML 2.0.
  3. View Identity Provider Server Profile: Keep this information handy as you'll need it to configure FortiGate.

[Figure: Identity SAML Profile]

Step 2: Configure Identity as the Identity Provider

  1. Log in to FortiGate with admin credentials.
  2. Import a new Remote Certificate (Identity Certificate) under System > Certificates.
  3. Navigate to Security Fabric > Fabric Connectors.
  4. Edit the Security Fabric Setup and click on Single Sign On Settings.
  5. Input Identity's details such as the SSO URL, Entity ID, and map the imported certificate.

[Figure: FortiGate SSO Settings]

Step 3: Configure FortiGate as the Service Provider

  1. Access the Identity Admin Console: Navigate to "Service Providers" under "SAML 2.0".
  2. Add FortiGate as a Service Provider: Enter details like the Entity ID and Assertion Consumer URI found in FortiGate's SSO settings.
  3. Map an additional claim, i.e. Username.
  4. Save the new service provider.

[Figure: FortiGate as Service Provider]

Step 4: Test the Integration

  1. Initiate the SSO flow from the FortiGate login page.
  2. Click on Sign in with Security Fabric.
  3. Enter the Identity credentials of a user that has a corresponding user in FortiGate.
  4. On successful authentication, you will be navigated to the FortiGate dashboard.

[Figure: FortiGate Login Page]
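
The Entity ID, SSO URL and certificate copied between the two consoles in Steps 1 to 3 can be cross-checked before relying on the login test. The following is an added example, not part of the original guide or of either product: it assumes the IdP profile is available as standard SAML 2.0 metadata XML, and the function names, the `idp.example.test` URLs and the certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def parse_idp_metadata(xml_text):
    """Pull out the three IdP values that Step 2 enters into FortiGate."""
    # ElementTree is fine for metadata from your own IdP; use defusedxml for untrusted XML.
    root = ET.fromstring(xml_text)
    sso = root.find("md:IDPSSODescriptor/md:SingleSignOnService", NS)  # first binding listed
    certs = [kd.find("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
             for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS)
             if kd.get("use") in (None, "signing")]  # skip encryption-only keys
    cert = next((c for c in certs if c is not None and c.text), None)
    if not root.get("entityID") or sso is None or not sso.get("Location") or cert is None:
        raise ValueError("metadata lacks entityID, SSO endpoint or signing certificate")
    der = base64.b64decode("".join(cert.text.split()))
    return {"entity_id": root.get("entityID"), "sso_url": sso.get("Location"),
            "cert_sha256": hashlib.sha256(der).hexdigest()}

def compare(idp, configured):
    """Return findings; an empty list means the FortiGate values match the IdP."""
    findings = []
    if not idp["sso_url"].lower().startswith("https://"):
        findings.append("sso_url is not HTTPS")
    norm = lambda v: v.replace(":", "").lower()  # accept AA:BB:... style fingerprints
    if norm(idp["cert_sha256"]) != norm(configured["cert_sha256"]):
        findings.append("cert_sha256 mismatch")
    for key in ("entity_id", "sso_url"):  # identifiers must match exactly
        if idp[key] != configured[key]:
            findings.append(f"{key} mismatch")
    return findings

# Constructed sample: placeholder bytes stand in for the DER-encoded IdP certificate.
SAMPLE_DER = b"constructed bytes standing in for a DER certificate"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(SAMPLE_DER).decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.test/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    idp = parse_idp_metadata(SAMPLE_METADATA)
    print(compare(idp, {**idp, "sso_url": "https://idp.example.test/saml/ss0"}))
```

The `configured` dictionary holds what was typed into FortiGate, with `cert_sha256` computed from the certificate file that was imported.
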

Video Tutorial

Watch our detailed video tutorial on YouTube, guiding you through each step of the SSO setup process in FortiGate using Identity.

Conclusion

Integrating FortiGate with Identity via SAML secures your authentication processes and simplifies user management, providing a streamlined user experience. Follow these steps to ensure a successful SSO integration.
