FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 292509
Description This article describes how to use namespace while configuring SAML between Azure(Idp) and Fortigate(SP)
Scope FortGate.

In some cases, namespaces are configured by default for username and group claims on Azure for SAML configuration.

While configuring attributes (username and group) on Fortigate for SAML configuration, make sure to check the attributes and claims first on Azure.

If the username and group claims on Azure have a namespace in them by default, it is necessary to either use the same namespace ending it with the name of the claim configured on Azure and copy it on FortiGate as shown below or remove the namespace for that particular attribute from Azure.


For example:





fortigate saml edit.PNG



if the namespace is not required, remove it from Azure and simply use the name of the username claims as shown above.


Related articles:

Technical Tip: Create SSL VPN with Azure SAML SSO Authentication, optional multiple SSL VPN RealmsTechnical Tip: Configuring SAML SSO login for FortiGate administrators with Entra ID acting as SAML ...