Help
FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
kiri
Staff
Staff

Created on ‎08-30-2023 07:42 AM

Article Id 271152

Technical Tip: activate FIDO authentication

Description This article describes how to enable FIDO authentication.
Scope FortiAuthenticator, FortiToken 400, FIDO.
Solution
  1. Enable FIDO authentication on the user properties. See the administration guide.

    Alternatively, enable it in the sync rule if this needs to be done in bulk for a large number of users.

  2. Hand physical FortiToken 400s out to the users to ensure they are registered. Follow the steps in the quickstart guide.

  3. Once the tokens have been registered, change the SAML Authentication method in Service provider settings to FIDO-only and, for instance, allow two-factor authentication (password and OTP) if all FIDO keys have been revoked for the user account. See the administration guide for instructions.

    Follow the same steps for OIDC.

 

Currently, FIDO with Radius auth is not supported.
965
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.