FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
lkumar
Staff
Article Id 425085
Description This article describes the steps to resolve a 403 Forbidden error encountered during SAML authentication configuration on FortiAuthenticator, even when the SAML IdP service is enabled in the interface. The issue occurs when the browser is redirected to the FortiAuthenticator IdP page and immediately returns a 403 Forbidden error.
Scope FortiAuthenticator v6.6.5.
Solution

The following error appears when accessing the SAML IdP page: 403 Forbidden.

Even though the SAML service is already enabled in the interface settings, the system still returns a 403 Forbidden error.

This is a known issue in version 6.6.5 (Issue ID 1187822), where disabling SAML on one interface unintentionally disables it across all interfaces when multiple interfaces are configured. The issue is fixed in firmware version 6.6.6.

Workaround:
If multiple interfaces are configured on the FortiAuthenticator, ensure that the SAML service is enabled on all interfaces.