Skip to main content
rbraha
Staff
rbraha
Staff
September 2, 2025

Technical Tip: FortiIdentity Cloud (formerly FortiToken Cloud) status 'Users-out-of-sync' in FortiAuthenticator

  • September 2, 2025
  • 0 replies
  • 502 views
Description

 

This article describes how to synchronize FortiIdentity Cloud status in FortiAuthenticator.

 

Scope

 

FortiAuthenticator, FortiToken Cloud, FortiIdentity Cloud.

 

Solution

 

FortiAuthenticator is an identity and access management (IAM) appliance and acts as a central authentication server in Fortinet environments.

 

Main roles

  • Authentication server.
  • Provides RADIUS, LDAP, SAML IdP, OAuth/OpenID Connect, and certificate-based authentication.
  • Let's enforce MFA (FortiIdentity Cloud, FortiToken Mobile, mobile push, SMS/email OTP). 

 

The FortiAuthenticator dashboard provides system information, user inventory, system resources, license information, etc.

 

  1. License information can sometimes show that FortiIdentity Cloud status is 'Users-out-of-sync'.

 

Figure 1. User -out-of-syncFigure 1. User -out-of-sync

 

  1. Selecting the 'information' sign will show us which users are out of sync with FortiIdentity Cloud.

 

Figure 2. Users not syncedFigure 2. Users not synced

 

Make sure that this user does not exist in FortiAuthenticator, either under Local or Remote users, and that no FortiIdentity Cloud token is assigned to them.

 

It is possible that the token was manually removed by an administrator or the user account was deleted from FortiAuthenticator, but the change was not properly synchronized with the FortiIdentity Cloud portal.

To verify this, review the logs on FortiAuthenticator by navigating to: Logging → Log Access → Logs.

 

  1. Additionally, verify whether the user exists in FortiIdentity Cloud.

 

Figure 4. Users in FortiToken CloudFigure 4. Users in FortiToken Cloud

 

  1. Select 'Apply Changes' from Step 2, and a new confirmation dialog will be prompted to synchronize users with the FortiIdentity Cloud service.

 

Figure 5. Apply changesFigure 5. Apply changes

 

  1. Applying changes shows successful synchronization in FortiAuthenticator.

 

Figure 6. Apply changes in FortiAuthenticatorFigure 6. Apply changes in FortiAuthenticator

 

  1. Status on the FortiAuthenticator side will change to synced.

 

Figure.7 FortiToken Cloud status syncedFigure.7 FortiToken Cloud status synced

 

NoteFortiToken Cloud is rebranded as FortiIdentity Cloud.

 

The portal URL for both North America and Europe will continue to work and will automatically redirect to the new URL.

The following are the new portal URLs:

  • North America: ftc.fortinet.com will change to fic.fortinet.com
  • Europe: euftc.fortinet.com will change to eufic.fortinet.com

 

Related articles about the new FortiIdentity Cloud platform:

From FortiToken Cloud to FortiIdentity Cloud: Expanding the Future of Identity Security | Fortinet Community Blogs

Launching FortiIdentity Cloud | FortiIdentity Cloud Admin Guide 
Introduction - FortiIdentity Cloud | FortiIdentity Cloud Admin Guide

    Terms & ConditionsAccessibility statement