FortiCloud SSO admin authentication
When FortiAnalyzer is registered to FortiCloud, you can enable login to FortiAnalyzer using your FortiCloud SSO account.
By default, only the FortiCloud account ID which the FortiAnalyzer is registered to can be used to log into FortiAnalyzer. Additional SSO users can be configured as IAM users in FortiCloud. See IAM user account login.
To enable login with FortiCloud:
- Before enabling this feature, FortiAnalyzer must be registered to FortiCloud, and a FortiCloud account must be configured.
You can check your FortiCloud registration status in Dashboard in the License Information widget. - Go to System Settings > SAML SSO, and enable Allow admins to login with FortiCloud.
- Sign out of FortiAnalyzer to return to the sign in screen.
An option to Login with FortiCloud is now visible on the FortiAnalyzer login page.
- Click Login with FortiCloud. Enter your login credentials from FortiCloud and click LOGIN.
You are signed in with your FortiCloud user account.
IAM user account login
FortiCloud supports the creation of additional users called IAM users. Once created, you can use the IAM user account to sign in to FortiAnalyzer.
To sign in using a FortiCloud IAM user:
- In FortiCloud, create one or more additional IAM user accounts. See Identity and Access Management (IAM).
The IAM users must have the following portal included in their Permission Profile:
FortiOS SSO
Access = enabled
Access Type = Admin
- In FortiAnalyzer, enable Allow admins to login with FortiCloud in System Settings > SAML SSO.
- Sign out of FortiAnalyzer, return to the FortiAnalyzer sign on page, and click Login with FortiCloud.
- At the bottom of the FortiCloud login portal, click Sign in as IAM user.
- Enter your IAM user credentials.
You are signed in using your FortiCloud IAM account.