Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rtanagras
Staff & Editor
Staff & Editor

Created on ‎02-28-2025 12:17 AM

Article Id 379474

Technical Tip: Configuring DUO SAML for Administrative Access on FortiGate

Description This article provides steps to integrate DUO Security with FortiGate using SAML authentication for administrator access. The application type used is 'Fortinet FortiGate Administrators - Single Sign-On'.
Scope FortiGate.
Solution

To set up DUO, follow this link: DUO SSO for FortiGate Admin.

 

DUO Configuration (SP and IdP full settings):

 

2025-02-28 15 38 50.jpg

 

Note: On the Service Provider section, ensure the Custom attributes are enabled to avoid the 'SAML assertion attributes are misconfigured and do not contain the 'username' attribute/claim' error message.

 

FortiGate configuration:

 

Go to Security Fabric -> Fabric Connectors -> Security Fabric Setup ('Right-click' to choose edit) -> Single Sign-On Settings -> Service Provider (SP).

 

2025-02-28 15 36 02.jpg

 

Note: Do not forget to add a forward slash in the SP entity ID, as DUO has configured their template with a forward slash at the end.
725
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.