Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Admin Guide

    Using hardware tokens

    Using hardware tokens

    The term "hardware" refers to FortiToken (FTK) which is the only hardware token that FIC currently supports. The Hardware page shows all FortiTokens used by end-users in your account. It also offers tools for adding and deleting FTKs.

    You can access the Hardware page by clicking Tokens > Hardware on the main menu. The following table describes the information on the Hardware page.

    Column Description
    Checkbox

    If checked, the corresponding hardware token becomes selected and the Delete button enabled. You can then click the button to delete that hard token. For more information, see Deleting hard tokens.

    Note: You can also check the checkbox in the column header to select all the hard tokens and delete them all at once.
    SERIAL NUMBER The serial number of the hardware token.

    MODEL

    The model of the hardware token, which can be one of the following:

    • FTK200, FTK200B, and FTK210
    USERNAME

    The username of the FIC user to whom a FortiToken has been assigned.

    Note: If this field is blank, it means that the FortiToken has not been assigned to any user yet.

    LAST UPDATE

    The date and time of the most recent update of the hard token.

    The Import Tokens button enables you to add hard tokens to your account. You can either manually add serial numbers of hard tokens one by one or batch-upload them by importing a .csv file which contains the serial numbers of the hard tokens you want to add to your account. See Batch-uploading hard tokens.

    Caution

    FTK200CD and FTK200BCD (with the serial number prefix FTK211) are NOT supported.

    Adding hard tokens manually

    Note

    If FTK is set as the default MFA method in the settings of a realm, you can select users on the Users page and let FIC automatically assign FTKs to them by clicking the Auto-assign FTK button. See Managing users.
    To add hard tokens manually:
    1. Click Security Devices > Hardware Tokens.
    2. Click the Import Tokens.
    3. Enter the serial number of the hardware token.
    4. Click the + sign.
    5. Repeat Steps 2 through 3 above to add as many hard tokens as you have available.
    6. Click Save.

      The Import Hard Token dialog closes, and a message pops up in the upper-right corner of the Hardware page, informing you how many hard tokens have been successfully added and how many have failed (if any) to be added. You can either click OK to dismiss the message, or wait for a few seconds to let it automatically close itself. The serial numbers of the hardware tokens that are successfully added now appear on the Hardware Tokens page.

    Batch-uploading hard tokens

    You can also batch-upload all the hard tokens you want to add at once if you have access to a .csv file that contains the serial numbers of the hard tokens to be added.

    Note

    Be sure to have the .csv file ready before starting the following procedures.
    To batch-upload hard tokens:
    1. Click Security Devices > Hardware Tokens.
    2. Click Import Tokens.
    3. In the upper-right corner of the dialog, click Upload CSV file.
    4. Locate the .csv file with information about the hardware tokens in your file system, and click Open.

      The Windows Upload File dialog closes, and all the serial numbers of the hard tokens in the .csv file are now added to the Import Hard Tokens dialog.

    5. Click OK.

      The Import Hard Token dialog closes, and a message pops up in the upper-right corner of the Hardware page, informing you how many hard tokens have been successfully added and how many have failed (if any) to be added. You can either click OK to dismiss the message, or wait for it to automatically close itself in a few seconds. The serial numbers of the hard tokens that are successfully added now appear on the Hardware page.

    Assigning a hard token to a user

    A hard token shown on the Hardware page without a username means that it has not been assigned to any end-user yet, and can be assigned to any end-user in your FIC account.

    To assign a free hard token to a user:
    1. Click User Management > Users.
    2. Identify the user, click the tool icon, and select Edit.
    3. For Auth Method, select FTK.
    4. Click Apply.

    Deleting hard tokens

    The Hardware page provides tools to delete hard tokens that are no longer needed. You can delete one, multiple, or all the hard tokens at once.

    Caution

    Only unassigned FTK tokens can be deleted.
    To delete a hardware tokens:
    1. Click Security Devices > Hardware Tokens.
    2. Identify the hardware token, and select it (with the checkbox).
    3. Click Delete.
    4. Click Yes.
    Previous
    Next

    Using hardware tokens

    Using hardware tokens

    The term "hardware" refers to FortiToken (FTK) which is the only hardware token that FIC currently supports. The Hardware page shows all FortiTokens used by end-users in your account. It also offers tools for adding and deleting FTKs.

    You can access the Hardware page by clicking Tokens > Hardware on the main menu. The following table describes the information on the Hardware page.

    Column Description
    Checkbox

    If checked, the corresponding hardware token becomes selected and the Delete button enabled. You can then click the button to delete that hard token. For more information, see Deleting hard tokens.

    Note: You can also check the checkbox in the column header to select all the hard tokens and delete them all at once.
    SERIAL NUMBER The serial number of the hardware token.

    MODEL

    The model of the hardware token, which can be one of the following:

    • FTK200, FTK200B, and FTK210
    USERNAME

    The username of the FIC user to whom a FortiToken has been assigned.

    Note: If this field is blank, it means that the FortiToken has not been assigned to any user yet.

    LAST UPDATE

    The date and time of the most recent update of the hard token.

    The Import Tokens button enables you to add hard tokens to your account. You can either manually add serial numbers of hard tokens one by one or batch-upload them by importing a .csv file which contains the serial numbers of the hard tokens you want to add to your account. See Batch-uploading hard tokens.

    Caution

    FTK200CD and FTK200BCD (with the serial number prefix FTK211) are NOT supported.

    Adding hard tokens manually

    Note

    If FTK is set as the default MFA method in the settings of a realm, you can select users on the Users page and let FIC automatically assign FTKs to them by clicking the Auto-assign FTK button. See Managing users.
    To add hard tokens manually:
    1. Click Security Devices > Hardware Tokens.
    2. Click the Import Tokens.
    3. Enter the serial number of the hardware token.
    4. Click the + sign.
    5. Repeat Steps 2 through 3 above to add as many hard tokens as you have available.
    6. Click Save.

      The Import Hard Token dialog closes, and a message pops up in the upper-right corner of the Hardware page, informing you how many hard tokens have been successfully added and how many have failed (if any) to be added. You can either click OK to dismiss the message, or wait for a few seconds to let it automatically close itself. The serial numbers of the hardware tokens that are successfully added now appear on the Hardware Tokens page.

    Batch-uploading hard tokens

    You can also batch-upload all the hard tokens you want to add at once if you have access to a .csv file that contains the serial numbers of the hard tokens to be added.

    Note

    Be sure to have the .csv file ready before starting the following procedures.
    To batch-upload hard tokens:
    1. Click Security Devices > Hardware Tokens.
    2. Click Import Tokens.
    3. In the upper-right corner of the dialog, click Upload CSV file.
    4. Locate the .csv file with information about the hardware tokens in your file system, and click Open.

      The Windows Upload File dialog closes, and all the serial numbers of the hard tokens in the .csv file are now added to the Import Hard Tokens dialog.

    5. Click OK.

      The Import Hard Token dialog closes, and a message pops up in the upper-right corner of the Hardware page, informing you how many hard tokens have been successfully added and how many have failed (if any) to be added. You can either click OK to dismiss the message, or wait for it to automatically close itself in a few seconds. The serial numbers of the hard tokens that are successfully added now appear on the Hardware page.

    Assigning a hard token to a user

    A hard token shown on the Hardware page without a username means that it has not been assigned to any end-user yet, and can be assigned to any end-user in your FIC account.

    To assign a free hard token to a user:
    1. Click User Management > Users.
    2. Identify the user, click the tool icon, and select Edit.
    3. For Auth Method, select FTK.
    4. Click Apply.

    Deleting hard tokens

    The Hardware page provides tools to delete hard tokens that are no longer needed. You can delete one, multiple, or all the hard tokens at once.

    Caution

    Only unassigned FTK tokens can be deleted.
    To delete a hardware tokens:
    1. Click Security Devices > Hardware Tokens.
    2. Identify the hardware token, and select it (with the checkbox).
    3. Click Delete.
    4. Click Yes.
    Previous
    Next