Technical Tip: Configure FortiClient EMS SAML with Azure AD

mavitrecco · ‎05-10-2023

Description

This article describes how to configure FortiClient EMS SAML with Azure AD.

Scope

FortiClient EMS SAML with Azure AD.

Solution

This article is related to the SAML configuration on FortiClient EMS described in the following document, which contains information about configuration on the Azure AD side:

https://docs.fortinet.com/document/forticlient/7.2.0/ems-administration-guide/156283/saml-configurat...

Navigate to FortiClient EMS -> User Management -> SAML Configuration -> +Add:

In Azure, access the Azure AD:

Create the SSO:

In FortiClient EMS:

In FortiClient EMS:

In Azure AD, download the certificate:

In FortiClient EMS, upload the certificate:

In Azure AD, choose a user or groups:

After that, the FortiClient agent with the telemetry configuration will push the authentication screen. It will then be possible to validate the results under FortiClient EMS -> Endpoint -> All Endpoints.