Troubleshooting Tip: SAML IDP page shows 403 forbidden error after upgrading the FortiAuthenticator to v6.6.5
| Description | This article describes the steps to resolve a 403 Forbidden error encountered during SAML authentication configuration on FortiAuthenticator, even when the SAML IDP service is enabled in the interface. The issue occurs when the browser is redirected to the FortiAuthenticator IdP page and immediately returns a 403 Forbidden error. |
| Scope | FortiAuthenticator v6.6.5. |
| Solution | The following error appears when accessing the SAML IdP page:
Even though the SAML service is already enabled in the interface settings, the system still returns a 403 Forbidden error.
This is a known issue in version 6.6.5 (Issue ID 1187822), where disabling SAML on one interface unintentionally disables it across all interfaces when multiple interfaces are configured. The issue is fixed in firmware version 6.6.6. Workaround : If multiple interfaces are configured on the FortiAuthenticator, ensure that the SAML service is enabled on all interfaces. |
