FortiManager 7.2.1 - SAML My Page SSO Configuration RSA Ready Implementation Guide
2 years ago
Originally Published: 2023-03-24

This section describes how to integrate FortiManager with RSA Cloud Authentication Service using My Page SSO.

Procedure

  1. Sign into the RSA Cloud Console and go to Applications > Application Catalog > Create From Template > SAML Direct.
  2. Select Cloud in the Choose where to enable your application section and select Next Step.
    AjithkumarSID_15-1679671832398.png
  3. Go to the FortiManager System Settings > Admin > SAML SSO and select Service Provider (SP) tab as Single Sign-On Mode.
  4. In the IdP Settings, select Custom tab, then fill in the IdP Entity ID and IdP Login URL from the Identity Provider URL found from the Application > Connection Profile that was done in the previous step.
  5. You can choose to automatically create a new user after successful authentication or not from the Auto Create Admin option on the FortiManager SAML SSO page.
  6. For the IdP logout URL, add it as the https://FQDN of your FortiManager.
    AjithkumarSID_16-1679671902980.png
  7. For the IdP Certificate, choose the certificate file from the RSA Cloud Console, whether you have chosen the default certificate or uploaded a new one, it is to be uploaded here to validate the SAML responses sent from RSA.
    Note: You can choose to Sign Assertion only or Sign entrie SAML response according to your implementation.
    AjithkumarSID_17-1679672024316.png
  8. In the User Identity section, use NameID as unspecified and property as mail. You must send attribute statement for the FortiManager, it should be username and map it to mail.
    AjithkumarSID_18-1679672150638.png
  9. If you have chosen SP-Initiated flow, ensure at the top of the page that the Connection URL is added as the SP ACS (login) URL.
    AjithkumarSID_19-1679672193146.png
  10. If you have chosen IdP-initiated flow, ensure to add this input in the Relay State parameter at the bottom of the page.
    AjithkumarSID_20-1679672224201.png
  11. Select the Show Advanced Configuration dropdown and under the User Identity section, select your desired policy to be applied, then select Next Step > Save and Finish > Publish Changes.
  12. Under the Portal Display page, if needed, select Display in Portal as FortiManager supports IdP initiated SAML SSO.
    AjithkumarSID_21-1679672316809.png

Configuration is complete.

Return to the main page.

Related Articles

Trending Articles

Don't see what you're looking for?