1. Create an SSID that will have the VLAN ID to assign. To configure this, navigate to WiFi &Switch Controller -> SSID, select ‘Create New’, select ‘Bridge’ under ‘Traffic mode’ and enter a passphrase under Pre Shared Key:

2. Under optional VLAN ID, enter the VLAN ID  to assign to the LAN port of FortiAP. In this example, VLAN ID 20:

3. Apply this setting either in specific FortiAP by navigating to Managed FortiAPs. For this, enable the setting for LAN port Bridge, select Bridge to SSID, and choose the SSID created earlier.

Or apply this setting to the FortiAP profile and then apply the profile to the FortiAPs:

4. if a device is connected to the FortiAP LAN port, it will be on the specified VLAN.

Note:

If FortiAP connects to FortiGate via FortiSwitch, make sure VLAN 20 is included in the 'Allowed VLANs' of the FortiSwitch port. Otherwise, it will not work. For more information, refer to this KB article: Troubleshooting Tip: Unable to connect bridge SSID with optional VLAN ID

Related articles: 

Technical Tip: How to bridge a FortiGate WiFi network to a wired network or VLAN network

Technical Tip: How to bridge a FortiWifi SSID to a wired network or VLAN network

Technical Tip: How to allow multiple bridge mode SSID from FortiAP

Technical Tip: How to create a new Bridge SSID with its VLAN dedicated for users

Technical Tip: Use of Optional VLAN ID in Tunnel type Wireless SSID configuration