Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
Khidzir_MN
Staff
Staff

Created on ‎02-28-2024 12:52 AM Edited on ‎09-05-2025 05:27 AM By Staff

Article Id 301780

Technical Tip: How to configure SAML SSO login for FortiWeb Administrators with Microsoft Entra ID

Description This article describes how to configure SAML SSO login for FortiWeb Administrators with Microsoft Entra ID.
Scope FortiWeb and FortiWeb VM.
Solution

Step 1: Configure the FortiWeb Fabric Connector (Security Fabric -> Fabric Connectors) setting and the respective Microsoft Entra SSO setting.

 

configure_fabric.png

 

Step 2: Download the IDP Certificate from the Microsoft Entra ID and upload it onto the FortiWeb.

 

idp_cert.png

 

Step 3: Create and/or assign a user at the Microsoft Entra ID for the SSO login.

 

entra_assign_user.png

 

Step 4: Login via Single Sign-On to the FortiWeb using the user credential created and/or assigned in Step 3.

 

fwb_sso_login.png

 

sso_first_login.png

 

Step 5: Logout from the FortiWeb.

 

Step 6: Log in to the FortiWeb as a regular admin and assign the respective SSO user the respective Access Profile (System -> Admin -> Administrator).

 

admin_profile.png

 

Step 7: Relogin via Single Sign-On to the FortiWeb using the respective SSO user and verify the Access Profile is correct.

 

For v7.6.0 and later, the admin user Single Sign-On with SAML feature was introduced, and the new configuration steps can be found in: Single Sign On with Azure

 

1452
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.