tobisfr
Explorer
March 31, 2025
Question

FortiAuthenticator - SAML Authentication - Can't get FIDO Auth to work


Hello,

I'm currently trying my hand at SAML authentication with FortiAuthenticator in conjunction with FIDO keys.

- I can successfully import a FIDO key for a local user
- FQDN of the authenticator is identical to the SAML FQDN
- Certificates are valid
- SAML login with username/password is working
- SAML Service Providers to FortiAnalyzer and FortiMail

But as soon as I say in the SAML SP settings that it should authenticate via FIDO, “Error occurred during Fido Authentication” is displayed after entering the user name.

No error in the FortiAuth event log, just "Local user authentication partially done, expecting fido token".

FortiAuth Version 6.6.2

The strange thing is that I had the SAML login with FIDO running until a few days ago, then I changed the FQDN name of FortiAuth again - since then it no longer works. However, I have adjusted and assigned all the certificates.

4 replies

Anthony_E
Staff
April 3, 2025

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
Anthony_E
Staff
April 7, 2025

Hello,

We are still looking for someone to help you.

We will come back to you ASAP.


Thanks,

Best Regards
Jiveshs
Explorer
April 7, 2025

Ensure “Enable FIDO2 authentication” is ON

Authentication > SAML IdP > Service Providers

tobisfr
Author
Explorer
April 7, 2025

Thanks all - a simple reboot of the FortiAuthenticator solved my problem. Seems like some service got confused with the certificate change.