FortiManager 7.2.1 - SAML Relying Party Configuration - RSA Ready Implementation Guide
Originally Published: 2023-03-24

This section describes how to integrate FortiManager with RSA Cloud Authentication Service using Relying Party.

Procedure

  1. Sign in to the RSA Cloud Administration Console, go to Authentication Clients > Relying Parties > Add a Relying Party, and select Add for a SAML service provider.
  2. On the Basic Information page, enter FortiManager as a Name for the application, and then select Next Step.
  3. On the Authentication page, select SecurID manages all authentication and select Next Step.
  4. Fill in the Service Provider details using the values from FortiManager System Settings > Admin > SAML SSO.
  5. Select the IdP signs entire SAML response checkbox, and then select Download Certificate. This certificate is later uploaded in the FortiManager GUI.
  6. Select the Show Advanced Configuration dropdown and, under the User Identity section, select Unspecified for Identifier Type and mail as Property.
  7. Under the Attribute Extension section, enter username in Attribute Name and select mail as Property.
  8. Ensure that the SAML IdP URL is unique for this application.
  9. In the FortiManager GUI, go to System Settings > Admin > SAML SSO.
  10. Enter the IdP Entity ID and IdP Login URL as the URL configured in Step 5.
  11. Upload the IdP certificate that was downloaded in step 3.
  12. Set the logout URL to be in this format: https://FQDN.
    Note: Use the Auto Create Admin setting to choose whether a new user is created automatically after successful authentication.

Configuration is complete.
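
To confirm that a captured SAMLResponse reflects the settings chosen in the procedure (whole response signed, Unspecified identifier type, username attribute, matching IdP Entity ID), the following structural check can be run on the base64 value from a test login. It is an added example, not part of the RSA guide or of FortiManager; the function names, the idp.example.com URL and the sample user are hypothetical, and it assumes the attribute name from step 7 is username.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

def check_saml_response(b64_response, expected_issuer, attr_name="username"):
    """List mismatches between a captured SAMLResponse and the relying-party
    settings. Structural checks only; the signature is NOT verified here."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    # "IdP signs entire SAML response": ds:Signature directly under samlp:Response.
    if root.find("ds:Signature", NS) is None:
        problems.append("Response element carries no signature")
    # Issuer must equal the IdP Entity ID entered in FortiManager.
    issuer = (root.findtext("saml:Issuer", "", NS) or "").strip()
    if issuer != expected_issuer:
        problems.append(f"Issuer {issuer!r} differs from the IdP Entity ID")
    # User Identity: Identifier Type "Unspecified" (also the default when absent).
    name_id = root.find("saml:Assertion/saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        problems.append("NameID is missing or empty")
    elif name_id.get("Format", UNSPECIFIED) != UNSPECIFIED:
        problems.append(f"NameID Format is {name_id.get('Format')!r}")
    # Attribute Extension: the attribute mapped to the mail property.
    path = ("saml:Assertion/saml:AttributeStatement/"
            f"saml:Attribute[@Name='{attr_name}']/saml:AttributeValue")
    if not any((v.text or "").strip() for v in root.findall(path, NS)):
        problems.append(f"attribute {attr_name!r} is missing or empty")
    return problems

def build_sample(signed=True, attr="username"):
    """Constructed sample response; the Signature is an empty stand-in element."""
    sig = '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>' if signed else ""
    xml = (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}">'
           f'<saml:Issuer>https://idp.example.com/fmg</saml:Issuer>{sig}'
           f'<saml:Assertion><saml:Subject><saml:NameID Format="{UNSPECIFIED}">'
           'admin@example.com</saml:NameID></saml:Subject><saml:AttributeStatement>'
           f'<saml:Attribute Name="{attr}"><saml:AttributeValue>admin@example.com'
           '</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>'
           '</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    idp = "https://idp.example.com/fmg"  # placeholder IdP Entity ID
    print(check_saml_response(build_sample(), idp))
    print(check_saml_response(build_sample(signed=False, attr="mail"), idp))
```

An empty list means the response matches the relying-party settings; each string in a non-empty list names the setting to revisit.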
