FortiToken
FortiToken Mobile is an application for iOS or Android that acts like a hardware token but utilizes hardware the majority of users possess, a mobile phone.
rbraha
Staff
Staff
Article Id 347611
Description

 

This article describes how to create IAM account users to access FortiToken Cloud with right permissions.

 

Scope

 

FortiToken-Cloud.

 

Solution

 

Access to FortiToken Cloud is managed by FortiCloud SSO authentication. When there is a request to log in, the system will redirect to FortiCloud, and from there, it is possible to use an Alias, username, and password to log in. The system will grant access to Fortitoken Cloud.

 

  1. Login to portal https://support.fortinet.com. On Services select IAM -> Users -> Add New user.

 

Figure 1. Creating new IAM accountFigure 1. Creating new IAM account

 

  1. On Services select IAM -> Permissions Profile, it is possible to select all the desired products to log in with the account and create a new user. After the user is created, it is possible to select which Permission Profile is desired to configure for selected products. Assign this permission profile to the user created. 
  2. After the account is created, it is possible to select 'Generate Password' and a new Login link will be generated. It is possible to reset the password through the link the user created.
  3. A new Permissions named has been created: TestProfile and on the Permission Profile selected FortiToken Cloud as a product.

    Figure 2. Creating new ProfilesFigure 2. Creating new Profiles

     

    5. Created a new user:genci and assigned the above profile as a permission profile.                                                                                                              
    Figure 3. Adding user to profile created beforeFigure 3. Adding user to profile created before

     

    6. After the account is created, it is possible to select 'Generate Password' and a new Login link will be generated. It is possible to reset the password through the link the user created.

         Figure 4. Generating link to reset passwordFigure 4. Generating link to reset password

 

          7. Login on https://support.fortinet.com/  and select IAM login, specify Account ID/Alias, username, and password.

 Figure 5.Login with IAM userFigure 5.Login with IAM user

 

 

 

An error will be received from FortiCloud with 'Unauthorized' since the permission to access has only be given to FortiToken Cloud portal.

Figure 6. Unauthorized accessFigure 6. Unauthorized access

 

8. It is necessary to login in FortiToken Cloud portal https://ftc.fortinet.com with the admin account to create the same user as a sub_admin account in order to have the right permissions to read all fields on the FortiToken Cloud GUI.

Go to Administrator -> Add Admin Group select the user part of this group and on Managed Realms select default realm.

Figure 7. Add user part of Admin Group in FortiToken CloudFigure 7. Add user part of Admin Group in FortiToken Cloud

 

9. Test results log in with this user:genci.

Figure 8. Login with user in FortiToken CloudFigure 8. Login with user in FortiToken Cloud