I think what you are looking for is Azure AD SAML SSO setup. I could
only get it to work with trusted 3rd party cert though, not self-signed
certs and only using SSL VPN.
https://docs.fortinet.com/document/fortigate-public-cloud/7.2.0/azure-administr...