Fortinet Document Library

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Setting up single sign-on for an enterprise application

Once the application is created, you can set up single sign-on for your application.

To set up single sign-on:
  1. Go to Azure Active Directory > Enterprise applications.
  2. In Enterprise applications, enter the name of your enterprise application in the search bar, and click the application to open it.

    See Creating an enterprise application in Azure Portal.

  3. Select Get Started in Set up single sign on.
  4. In Single sign-on, select SAML.

    The SAML-based Sign-on window opens.

  5. In the SAML-based Sign-on window, select Edit in the Basic SAML Configuration pane.
  6. In the Basic SAML Configuration window, enter the following information from the FortiAuthenticator SP:
    1. In Identifier (Entity ID), enter the SP entity ID.
    2. In Reply URL (Assertion Consumer Service URL), enter the URL where the application receives the authentication token.
    3. In Sign on URL, enter the URL for the sign-in page for the application.
    4. In Relay State, enter the URL to which the user is redirected to by the SP after a successful assertion response.
    5. In Logout Url, enter the URL used to send the SAML logout response back to the application.
    6. Click Save.

  7. See Adding a user group SAML attribute to the enterprise application and Adding users to an enterprise application.

Setting up single sign-on for an enterprise application

Once the application is created, you can set up single sign-on for your application.

To set up single sign-on:
  1. Go to Azure Active Directory > Enterprise applications.
  2. In Enterprise applications, enter the name of your enterprise application in the search bar, and click the application to open it.

    See Creating an enterprise application in Azure Portal.

  3. Select Get Started in Set up single sign on.
  4. In Single sign-on, select SAML.

    The SAML-based Sign-on window opens.

  5. In the SAML-based Sign-on window, select Edit in the Basic SAML Configuration pane.
  6. In the Basic SAML Configuration window, enter the following information from the FortiAuthenticator SP:
    1. In Identifier (Entity ID), enter the SP entity ID.
    2. In Reply URL (Assertion Consumer Service URL), enter the URL where the application receives the authentication token.
    3. In Sign on URL, enter the URL for the sign-in page for the application.
    4. In Relay State, enter the URL to which the user is redirected to by the SP after a successful assertion response.
    5. In Logout Url, enter the URL used to send the SAML logout response back to the application.
    6. Click Save.

  7. See Adding a user group SAML attribute to the enterprise application and Adding users to an enterprise application.