Description
This article explains GUI changes present in FortiAuthenticator 6.2 regarding where and how to add realms to Self-Service-Portals and allow Single-Sign-On on the portals.
Scope
For versions 6.2 and 6.6.
Solution
FortiAuthenticator introduced some changes to Self-Service portals in firmware version 6.2, and in particular, enabling Single-Sign-On.
In particular, instead of outright configuring SSO portals under 'Fortinet SSO Methods', realms first need to be associated with Self-Service under System -> Administration -> System Access, under the header of 'Self-service portal Access Control settings'.
After this, under Fortinet SSO Methods -> SSO -> Portal Services, the setting 'Enable SSO on login portal' should be toggled on.
This then allows for enabling SSO on any realm configured for self-service.
In branch 6.6, realms can be associated with Self-Service under System -> Administration -> System Access, under the header of 'Legacy Self-Service Portal Settings'.
After this, under Fortinet SSO -> Methods -> Web Services, toggle on the setting 'Enable SSO self-service portals'.
Then select the self-service portal policy created by following the article Technical Tip: FortiAuthenticator self-service portal.
This then allows for enabling SSO on any realm configured for self-service.
