Fortinet Document Library

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Granting user access to the application

To grant user access to the application:
  1. Go to Users > Users.

  2. Select the desired user from the list.

    The Users window opens.

  3. Go to the Applications tab and select +.
  4. In the Assign new login to window, select the previously created application, and select Continue.

    If only one application exists or is unassigned to a user, it is automatically selected.

  5. In the new dialog that appears:
    1. Ensure that Allow the user to sign in is selected.
    2. In NameID value, enter the user email address.
    3. In group, enter OneLogin.

      The group parameter has been manually overridden.

      The group value is contained in the SAML assertion and the FortiGate firewall policy configuration step uses it to match group information and grant users access based on the OneLogin group affiliation.

      See Configuring FortiGate SP settings on FortiAuthenticator and Configuring a policy to allow users access to allowed network resources.

    4. Ensure that email is same as NameID value.
    5. Click Save.

Granting user access to the application

To grant user access to the application:
  1. Go to Users > Users.

  2. Select the desired user from the list.

    The Users window opens.

  3. Go to the Applications tab and select +.
  4. In the Assign new login to window, select the previously created application, and select Continue.

    If only one application exists or is unassigned to a user, it is automatically selected.

  5. In the new dialog that appears:
    1. Ensure that Allow the user to sign in is selected.
    2. In NameID value, enter the user email address.
    3. In group, enter OneLogin.

      The group parameter has been manually overridden.

      The group value is contained in the SAML assertion and the FortiGate firewall policy configuration step uses it to match group information and grant users access based on the OneLogin group affiliation.

      See Configuring FortiGate SP settings on FortiAuthenticator and Configuring a policy to allow users access to allowed network resources.

    4. Ensure that email is same as NameID value.
    5. Click Save.