syadav
Staff
Article Id 331706
Description This article describes how to resolve the error A01I08-17 for IAM users trying to access any Fortinet Cloud Service, like FortiGate Cloud, FortiAppSec, FortiClient EMS Cloud, and all others.
Scope FortiCloud.
Solution

The IAM user logs in to a Fortinet Cloud Service and gets error A01I08-17: 'Unauthorized. You are not currently authorized to access this portal. Select a different portal or log out.'

 

This is a permission issue, where the IAM user lacks permission to access the Portal.

 

Note that the default built-in permission profile 'SysAdmin' only provides access to Asset Management and IAM.

 

Another symptom of the same issue: after the IAM user has logged in, the Services menu on the FortiCloud home page shows no Fortinet Cloud service icons for services with active subscriptions.

 

Follow the steps below to ensure that the IAM user has permission for the Fortinet Cloud Services.

  • Log in to the support portal with the Master account.
  • Navigate to Services -> IAM.


  • Navigate to the Permission profile, then select 'Add New'.

  • Provide a name to the profile and select 'Add Portal'.


  • Check FortiGate Cloud, then select 'Add'.

    Select FortiGate Cloud if the organization has a valid FortiGate Cloud subscription, or select any of the other services with a valid subscription. It is also possible to create different profiles, each permitting access to a group of services, and associate them with different IAM users to limit the access of each one.

  • Change the permissions to 'Read' or 'Read & Write' as needed, then select 'Submit'.


  • Navigate to Users, then select the user.


  • Select 'User Permissions', and then 'Edit'.


  • Under the permission profile, select the newly created permission profile and select 'Update'.


The IAM user will now be able to log in to the FortiGate Cloud portal.

 

Important notes:

  • The IAM user can also be used to log in to the FortiGate using single sign-on. To enable this feature, follow this guide: FortiCloud SSO.

 

 

  • A third type of FortiCloud user also exists: the Subuser. This is a legacy user type, as explained here: User Management Models. It is useful to migrate Subusers to IAM users, as explained here: Migrating Sub Users, for example, to avoid confusion when a Subuser and an IAM user are associated with the same email.

 

  • When following the Migrating Sub Users guide, pay attention to the second option at point 3. If that option is used, the new IAM username will be the part of the Subuser email before the '@'.

 

  • To log in as an IAM user, it is necessary to know the ID of the Email User Admin of the organization and enter it in the first field of the IAM login section.