FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
syadav
Staff
Staff
Article Id 331706
Description This article describes how to resolve the FortiGate cloud error A01I08-17 for IAM users.
Scope FortiCloud.
Solution

The IAM user logs into the FortiGate cloud and gets error A01I08-17 (unauthorized) as shown in the below screenshot:

syadav_0-1723145743491.png

 

This is a permission issue, where the IAM user lacks permission to access the FortiGate cloud portal.

Note that the default built-in permission profile ‘SysAdmin’ only provides access to Asset Management and IAM.

 

Follow the below steps to ensure that the IAM user has permission for the FortiGate cloud.

  • Login to the support portal with the Master account.
  • Navigate to Services -> IAM.

    syadav_1-1723145743496.png

     

  • Navigate to the Permission profile then select  ‘Add New’.

    syadav_2-1723145743502.png

     


    syadav_3-1723145743504.png

     

  • Provide a name to the profile and select ‘Add Portal’.

    syadav_4-1723145743506.png

     

  • Check FortiGate Cloud then select Add.

    syadav_5-1723145743510.png

     

  • Change the permissions to ‘Read’ or ‘Read & Write’ as needed, then select ‘Submit’.

    syadav_6-1723145743513.png

     

  • Navigate to Users then select the user.

    syadav_7-1723145743514.png

     

  • Select ‘User Permissions’, and then ‘Edit’.

    syadav_8-1723145743515.png

     

  • Under permission profile, select the newly created permission profile and select ‘Update’.

    syadav_9-1723145743519.png

     

The IAM user will now be able to log in to the FortiGate cloud portal.

 

The IAM user can also be used to log in to the FortiGate using single sign-on. To enable this feature follow this guide:

FortiCloud SSO

 

If the IAM user is getting an error while logging in to FortiGate via single sign-on, follow this article.

Technical Tip: 'This FortiCloud account XXXX is not authorized to sign in on this FortiGate' via acc...