Help
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
kyozloveyou_FTNT
Staff
Staff

Created on ‎12-10-2023 10:43 PM

Article Id 288648

Technical Tip: Exempt SAML URL is required for SWG SSO

Description This article describes how SAML URL is required to be exempt when not using known SAML like Okta, Azure and etc.
Scope FortiSASE, SWG SSO.
Solution

If hosting SAML in public:

 

saml.png

 

nslookup saml.lab-kl.XXXXXX.YYYY
Server: one.one.one.one
Address: 1.1.1.1

Non-authoritative answer:
Name:UUUUU.XXXXXX.com
Address: 180.72.X.X <----- Public IP is resolved for SAML URL.
Aliases: saml.lab-kl.XXXXXX.com

 

Follow setting is required for proxy setting:

 

proxy.png

 

Result:

 

loginpage1.png

 

login2.png

 

440
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.