FortiAuthenticator as a SAML IdP
ฝัง
- เผยแพร่เมื่อ 1 มิ.ย. 2024
- This video covers an introduction to SAML and how to configure a FortiAuthenticator as an IdP and FortiGate as SP's
SP entity ID field for FortiGate admin GUI:
x.x.x.x/metadata/
SP Login URL for FortiGate admin GUI
x.x.x.x/saml/?acs
SP Logout URL for FortiGate admin GUI
x.x.x.x/saml/?sls
0:00 - SAML Overview
2:52 - FortiGates as SP, and SAML Flow
5:16 - Topology
5:53 - FortiAuthenticator iDP Configuration
7:45 - FortiAuthenticator SP1 Configuration
11:55 - FortiGate SP1 Configuration
15:07 - FortiAuthenticator + FortiGate SP2 Configuration
16:51 - SAML testing with both FortiGate's
18:51 - Troubleshooting - วิทยาศาสตร์และเทคโนโลยี
That teams ding at 15:49 had me searching for a while where it was coming from !
Lol!
Straight and to the point. Thanks!
Dude, you posted this video the specific day i needed it, thank you for all the explanation, you're amazing !
Awesome glad it helped!
Thanks for the interesting video!
Question, you mentioned in Fortiauthenticator IdP configuration, that under the interface https services you must have SAML IdP enabled but if you have a HA-setup, that option is not available. Does it mean that we need a separate interface for enabling the service or can it be done using the existing interface, which is used for HA?
What is the next step to use the SSO portion? Meaning, the Fortigate is detecting with Windows account that is already logged in on the PC/device and passes the credentials to the webpage?
Thanks, this is a really useful video! Just curious if you are aware how this could be deployed at scale? Or do you always have to configure each SP individually
as far as I know each SP needs to be configured individually, not sure there'd be many scenarios where customers would need say hundreds of SPs?