Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
HS08
Contributor

SAML Microsoft Entra

Anyone know how to make Microsoft Entra ID as source identity in the firewall policies?

1 REPLY 1
Hemin88
New Contributor III

Hi @HS08 

To use Microsoft Entra ID as the source identity in your firewall policies, follow these general steps:

  1. Create an Enterprise Application in Microsoft Entra ID:

    • Log in to the Azure portal.
    • Navigate to Microsoft Entra ID > Enterprise applications.
    • Click New application and select Create your own application.
    • Name your application and choose Integrate any other application you don’t find in the gallery (Non-gallery).
    • Click Create.
  2. Configure SAML SSO:

    • In the newly created application, go to Single sign-on and select SAML.
    • Configure the SAML settings with the necessary information from your firewall’s documentation. This typically includes the Identifier (Entity ID), Reply URL (Assertion Consumer Service URL), and Sign-on URL.
  3. Assign Users and Groups:

    • Go to Users and groups in the application settings.
    • Assign the users or groups that need access through the firewall.
  4. Configure the Firewall:

    • Access your firewall’s management interface.
    • Navigate to the authentication settings and select SAML as the authentication method.
    • Enter the SAML configuration details provided by Microsoft Entra ID, such as the SAML Entity ID, SAML SSO URL, and SAML Certificate.
  5. Create Firewall Policies:

    • Define firewall policies that use the authenticated user identity from Microsoft Entra ID.
    • Specify the users or groups from Microsoft Entra ID in the source identity field of the firewall policy.

IP Network Engineer
IP Network Engineer
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors