This example configuration allows FortiAuthenticator to act as the IdP proxy for Azure authentication to a FortiGate SSL VPN connection. This allows authentication of SSL VPN users against an Azure IdP using two factor authentication with FortiToken by inserting FortiAuthenticator into the authentication flow.
This configuration uses the following topology:
You need Azure Active Directory Premium P1 or P2 to perform group-based assignments to an Enterprise App. Azure AD Free tier only supports user-based assignments.