FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 207005
Description This article describes how to create IAM users in FortiCloud and allow login into the FortiGate administrator UI with read/write access.
Scope FortiGate 7.0.x, FortiCloud SSO.

In FortiOS 7.0.0 and above, a new feature that allows FortiCloud SSO login is introduced. 


To enable FortiCloud SSO login, go to System -> Settings and toggle FortiCloud Single Sign-On to On:




To configure IAM users in FortiCloud, login to FortiCloud portal ( with administrator access.


Follow the steps below:


  1. Select Services -> IAM.




  1. Select 'ADD IAM USER'.




  1. Enter the details of the user:




  1. In the User Permissions section, select the pencil icon beside FortiOS SSO, and assign proper access type:




  1. Review the configured details and select 'Confirm' to create the user:




  1. Once the user has been created, a CSV will be generated. Download the file as it contains the password for the user to login as an IAM user:




  1. Send the downloaded CSV file to the corresponding user.


Once the above has been configured, proceed to login to the FortiGate GUI using the usual URL (https://<fortigate-IP/domain>:<port>).


  • Notice an additional 'Sign in with FortiCloud' button. Select it.


  • Select 'Sign in as IAM user':




  • In the login form, fill in the details recorded in the CSV file downloaded previously:




  • The user is now logged in with FortiCloud SSO with the assigned rights:




Additional notes:

Note that FortiCloud SSO could fail in the following cases:


  • If the FortiGate is not registered to the FortiCare account used for login, it will reject the login and give the user the option to switch account or login locally.
  • If the master account has '2FA auth enforcement' enabled, IAM users without 2FA configured will be rejected.