FortiGate
samandeep
Staff
Article Id 328584
Description

This article describes an issue where new IAM users cannot remotely access an on-premises FortiGate via FortiGate Cloud and receive the error 'This FortiCloud account XXXX is not authorized to sign in on this FortiGate'.

Scope

FortiCloud service v24.2.x.

Solution

forticloud.PNG

 

The possible cause of this issue is that the IAM account does not have valid permissions to access the FortiGate.

 

To resolve this issue:

 

forticloud1.png

 

Open the Support portal (support.fortinet.com).

  1. Go to Services -> select 'IAM'.

  2. Select 'Permission profiles'.

  3. Create a new permission profile (Note: the default sysadmin permission profile does not have the managed FortiOS feature enabled).

forticloud2.png

  4. Select the option to add a portal.

  5. Select portals based on the requirement. For accessing on-premises FortiGates, 'FortiOS SSO and managed FortiGate' must be configured to allow portal access for administrators.

    fortilcoud7.png

  6. Enable access on both portals and set the access types as shown in the screenshots.

    fortilcoud4.png

  7. Assign this permission profile to the new IAM user.

  8. Ensure the status of that user is active.

  9. Log in to the account as that IAM user.

Screenshot 2024-10-18 150403.png

  10. Attempt to remotely access the FortiGate.


After all these steps are taken, a successful attempt looks like the screenshot below:

 

forticloud permission.PNG

 

Note: If the configuration is the same as described in this KB article and the FortiCloud account still shows as unauthorized, review whether the device license was set to 'Pay as you go'.

 

At this time, 'Pay as you go' is not supported by FortiCloud SSO login.