How do I configure SAML2 Single Sign-on (Authentication) to use Azure AD SSO?

Modified on Thu, 11 Apr at 9:55 AM

Follow the steps below to configure single sign-on with Azure AD.


For this configuration, you will want to ensure you have two tabs set up in your browser. The first tab will be for the Authentication section in your Fortinet Security Awareness and Training Service portal. The other tab will be used for your Azure admin console.



App creation:


    1. Log into your Azure admin account

    2. Click on Enterprise applications from the left navigation menu

    3. Click on New application




    4. Click on Create your own application



    5. Give the app a name (you can call it 'Fortinet Security Awareness and Training Service', for example)

    6. Ensure that the Non-gallery option is selected and then click Create



    7. In section 2 titled Set up single sign on, click on Get started






App configuration:


    8. Select the SAML option



    9. Click Edit in the first section (titled Basic SAML Configuration)



    10. You will now be bringing information from the training portal over to Azure. Copy the Assertion Consumer service (ACS) URL from your Fortinet Security Awareness admin portal



    11. Paste it into the Reply URL section in Azure



    12. Next, copy the Service Provider metadata from your Fortinet Security Awareness admin portal



    13. Paste it into the Identifier (Entity ID) section in Azure



    14. Click on Save and then close the section



    15. Click on Edit in the second section titled Attributes and Claims




    16. Delete the four default claims under the Additional claims heading

    17. Edit the Unique User Identifier (Name ID) claim and change it to user.mail

    18. You will then add 4 new claims and ensure they are set to the following:


    Email → user.mail

    First_name → user.givenname

    Last_name → user.surname

    Username → user.mail



    19. Once completed, your attributes and claims should contain only the Unique User Identifier (Name ID) claim from step 17 and the four claims from step 18



    20. Return to the previous level in the hierarchy to get back to the main settings for your new application

    21. From the left-hand navigation menu, click Users and groups




    22. You will then need to ensure that you enable access for all relevant groups (if you are planning to have all staff members access the security awareness training, you will need to ensure all staff are enabled to access this application)

    23. Click Single sign-on from the left-hand navigation menu, and copy the App Federation Metadata Url from section 3

    24. Paste the URL into Section 3 of your Fortinet Security Awareness admin portal

    25. Click on Save Changes
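
To confirm that the claim changes in steps 16 to 18 took effect, the added example below (not part of the original article or of Fortinet's tooling) checks a decoded SAML assertion from a test sign-in for the Name ID, the four claim names, and any leftover default Azure claims. The sample assertion, the helper attr_xml and the function check_claims are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED = ("Email", "First_name", "Last_name", "Username")  # names from step 18
# Namespace of the four default Azure claims that step 16 deletes.
DEFAULT_PREFIX = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

def attr_xml(name, value):
    """Build one SAML Attribute element (used only for the constructed sample)."""
    return (f'<saml:Attribute Name="{name}"><saml:AttributeValue>{value}'
            "</saml:AttributeValue></saml:Attribute>")

# Constructed sample assertion (signature and conditions omitted for brevity).
SAMPLE = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    "<saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>"
    "<saml:AttributeStatement>"
    + attr_xml("Email", "alice@example.com") + attr_xml("First_name", "Alice")
    + attr_xml("Last_name", "Example") + attr_xml("Username", "alice@example.com")
    + "</saml:AttributeStatement></saml:Assertion>"
)

def check_claims(assertion_xml):
    """Return a list of problems; an empty list means steps 16-18 took effect.

    Inspects claim names and values only. It does not verify the signature,
    so use it on assertions from your own test sign-in, not to trust input.
    """
    root = ET.fromstring(assertion_xml)
    name_id = (root.findtext(".//saml:NameID", "", NS) or "").strip()
    attrs = {a.get("Name", ""): (a.findtext("saml:AttributeValue", "", NS) or "").strip()
             for a in root.iter("{%s}Attribute" % NS["saml"])}
    problems = []
    if not name_id:
        problems.append("NameID missing or empty")
    for name in REQUIRED:
        if not attrs.get(name):
            problems.append(f"claim {name} missing or empty")
        elif name in ("Email", "Username") and attrs[name].lower() != name_id.lower():
            # Steps 17 and 18 map all three to user.mail, so they must agree.
            problems.append(f"claim {name} does not match NameID")
    for name in sorted(attrs):
        if name.startswith(DEFAULT_PREFIX):
            problems.append(f"default claim still present: {name}")
    return problems

if __name__ == "__main__":
    print(check_claims(SAMPLE) or "claims match the configuration")
```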




If you have any questions for Support, please open a new ticket and we will get back to you shortly!
