FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 192854
This article describes how to setup both Jumpcloud and FortiGate for SAML SSO for Admin login with FortiGate acting as SP.

The main purpose is to provide Windows users with Single Sign-On (SSO) access.

From GUI go to Security Fabric -> Fabric Connectors -> Security Fabric Setup and select 'Single Sign-On' Settings.

From CLI.
FGT-Chetu # show system saml
# config system saml

    set status enable
    set default-profile "super_admin"
    set idp-entity-id ""
    set idp-single-sign-on-url ""
    set idp-single-logout-url ""
    set idp-cert "REMOTE_Cert_4"
    set server-address ""

On the JumpCloud-IDP.

- SP Entity ID: Use the same as FortiGate SP Entity ID.
- ACS URL: Use the same as in the SP ACS (login) URL

Tip: If the page is continually loading, it means there is a mismatch in the above URL’s.

User Attributes Settings.

- Default Relay State is an optional, it is possible to leave as it is.

- Login URL: Use the same as in the SP portal URL.

- IDP URL: This is the idp-single-sign-on-url not the Entity ID.

Tip: When Admin access is configrued, SP except to receive the 'username' object (in the field it can be username/email-id).
Failure of receiving the username object in the Assertion it will pop-up an error 'No username is found in SAML assertion.'