bksol92
Staff
December 10, 2024

Technical Tip: Using FortiAuthenticator as an Identity Provider (IdP) portal for FortiPortal SSO access

Description: This article describes how to allow Identity Provider (IdP)-initiated SSO in FortiPortal.
Scope: FortiPortal/FortiAuthenticator.
Solution

FortiPortal supports two types of SAML SSO: Service Provider (SP)-initiated SSO and Identity Provider (IdP)-initiated SSO.

 

In SP-initiated SSO, the user enters their username, selects 'Login with Single Sign-On' on FortiPortal's login page, and is redirected to the Identity Provider's login page to enter their credentials. Once authenticated, the user is redirected back to the authorized organization's page in FortiPortal:

fpc-sso-7.4.1.gif

In IdP-initiated SSO, the user is given the URL of the IdP's SSO portal and enters their credentials there. Once authenticated, the user selects FortiPortal on FortiAuthenticator's portal page and is redirected to their organization's page in FortiPortal:

fpc-idp-sso.gif

The following settings should be configured to allow IdP-initiated SSO on FortiPortal:

  • On FortiPortal, 'Support IdP-Initiated SSO' should be enabled:

edit-sso.PNG

  • On FortiAuthenticator, edit FortiPortal's Service Provider entry to enable 'Support IdP-initiated assertion response':

 

support-idp.PNG
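
The difference between the two flows at the SAML message level, as an added example (not from the original article, and not FortiPortal or FortiAuthenticator code): an SP-initiated Response carries an `InResponseTo` value that must match a request the service provider issued, while an IdP-initiated (unsolicited) Response carries none. The function names, the `allow_idp_initiated` flag standing in for a setting such as 'Support IdP-Initiated SSO', and the sample IDs and URL are assumptions; signature, audience and validity-window checks are omitted.

```python
import xml.etree.ElementTree as ET  # stdlib parser; sample input below is constructed

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def make_response(in_response_to=None):
    """Build a constructed, unsigned SAML Response for illustration only."""
    attr = f' InResponseTo="{in_response_to}"' if in_response_to else ""
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="_resp1" Version="2.0"{attr}>'
        '<saml:Assertion ID="_a1" Version="2.0"><saml:Subject>'
        '<saml:SubjectConfirmation '
        'Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">'
        f'<saml:SubjectConfirmationData{attr} '
        'Recipient="https://sp.example.test/acs"/>'
        '</saml:SubjectConfirmation></saml:Subject></saml:Assertion>'
        '</samlp:Response>')

def classify(xml_text, pending_request_ids, allow_idp_initiated):
    """Return (flow, accepted) for a Response received by the SP.

    pending_request_ids: IDs of AuthnRequests the SP sent and still awaits.
    allow_idp_initiated: hypothetical flag for accepting unsolicited Responses.
    """
    root = ET.fromstring(xml_text)
    # InResponseTo may appear on the Response and on SubjectConfirmationData.
    ids = {root.get("InResponseTo")}
    ids |= {scd.get("InResponseTo")
            for scd in root.iterfind(".//saml:SubjectConfirmationData", NS)}
    ids.discard(None)
    if not ids:
        # Unsolicited: no request to correlate with, so policy decides.
        return ("idp-initiated", allow_idp_initiated)
    if len(ids) == 1:
        request_id = next(iter(ids))
        if request_id in pending_request_ids:
            pending_request_ids.discard(request_id)  # each request ID is one-time use
            return ("sp-initiated", True)
    # Unknown, already-consumed or inconsistent request reference.
    return ("sp-initiated", False)

if __name__ == "__main__":
    pending = {"_req42"}
    print(classify(make_response("_req42"), pending, False))
    print(classify(make_response(), pending, False))
    print(classify(make_response(), pending, True))
```

With the flag off, only Responses tied to an outstanding request are accepted, which is why an IdP portal login fails until IdP-initiated support is enabled on both sides.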