Help
FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
amacchiaverna
Staff
Staff

Created on ‎12-02-2021 03:17 AM Edited on ‎12-02-2021 04:47 AM

Article Id 200137

Technical Tip: How to reduce the generated IdP prefix in order to allow for more than 16 IdPs/Domains

Description This article describes how to reduce the generated IdP prefix in order to allow for more than 16 IdPs/Domains.
Scope  
Solution

Steps to decrease IdP prefix to increase IdP/domain count:


1) Add SP by going to Authentication -> SAML IdP -> Service Providers and selecting 'Create New'.

 

FACkb1.png

 

2) Input all relevant information.


3) For 'IdP prefix', select the plus sign.

 

FACkb2.png

 

4) Select 'Generate prefix' and a 16 character prefix is populated.

 

FACkb3.png

 

5) Limit is 255 (alphanumeric (26 + 10)) characters. 

As such, for 16 character prefix, it is possible to make 16 domains.  *Ensure all prefixes are unique*


6) Decrease this to as low as 3 to be able to get the most out of the 255 limit. 2 or lower and not so many unique combinations are get.

 

This process is also applicable for manually creating the IdP prefix.  Simply do not do step 4.  
205
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.