FortiCloud Products
asanzd
Staff
Article Id 398513
Description This article describes the procedure to make ZTP function for a FortiGate accepting configuration from a FortiManager.
Scope FortiGate, FortiZTP, FortiManager.
Solution

FortiZTP is a cloud service that allows provisioning devices to cloud or on-premise platforms. It allows provisioning devices in bulk as well as de-provisioning them. All devices under a FortiCloud account are seen directly on FortiZTP.

 

The procedure to make the FortiGate accept configuration in ZTP from a FortiManager is: 

  1. Ensure the FortiGate is licensed. No extra licenses are needed for this: FortiGate Cloud service is not required. 
  2. Have the device model provisioned in FortiManager or use manual authorization. 
  3. Configure the target FortiManager with Serial Number and IP/FQDN under FortiZTP -> Settings -> FortiGate (optional pre-run CLI templates): 

 

FortiZTP_settings_FMG.png 

  4. Provision the FortiGate to the required FortiManager:

 

fortiZTP_provision.png

 

  5. After provisioning, FortiDeploy will wait for FortiGate to connect and the status will be 'Incomplete-Waiting':

 

FortiZTP_provision_incomplete.png

 

  6. FortiGate must be in a factory-reset status without any changes applied, including the password, and the Internet connectivity must be guaranteed by DHCP. The FortiGate will attempt connection to FortiDeploy. Once connected, the configuration will be pushed and the FortiGate will register in FortiManager. This happens every 2 minutes.
  7. After a while, FortiZTP will update the status of the device to 'Provisioned':

 

FortiZTP_FG_prov_OK.png

 

It is important to remember the specific requirements for FortiGate-VM ('auto-join-forticloud' option, enabled by default from FortiOS 5.2.3), or specific requirements for Cloud services, as per Requirements - FortiZTP administration guide.

 

Additionally, for troubleshooting steps if connectivity fails, see Provisioning FortiGate to FortiManager self-diagnosis - FortiZTP administration guide. Note that one of the steps ('diagnose fdsm contract-controller-update') contacts the FortiDeploy servers closest to the FortiGate, so running this step may cause ZTP to launch and the provisioning to succeed.
