authentik/website/integrations/networking/fortimanager/index.md
Teffen Ellis 6ed5cb5249 website/docs: Modal and wizard button labels (#21549)
* website/integrations: rename "Create with Provider" to "New Application"

The application list page now uses a split-button labeled
"New Application" instead of the old "Create with Provider" dropdown.
Update all 113 integration guides to match.

* website/docs: update flow, stage, and policy button labels

- "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons
- "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit
- "Create and bind stage" → "New Stage" / "Bind Existing Stage"
- "Create" (binding submit) → "Create Stage Binding"

* website/docs: update provider button labels

- "Create" → "New Provider" for trigger buttons
- "Create with Provider" → "New Application" in RAC docs
- "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt"
  for related entity creation

* website/docs: update directory button labels

- "Create" → "New Source" for federation/social login pages
- "Create" → "New Role", submit → "Create Role"
- "Create" → "New Invitation"
- Policy binding submit → "Create Policy Binding"

* website/docs: update endpoint device and system management button labels

- "Create" → "New Endpoint Connector", "New Enrollment Token",
  "New Device Access Group", "New Flow"
- Submit → "Create Device Access Group"
- "Create" → "New Notification Rule", "New Notification Transport"
- Binding submit → "Create Policy Binding"

* Reorganize policy documentation

* website/docs: address policy docs review feedback

* post-rebase

* website/docs: Reorganize policy documentation -- Revisions (#21601)

* apply suggestions

* Fix escaped.

* Fix whitespace.

* Update button label.

* Fix phrasing.

* Fix phrasing.

* Clean up stragglers.

* Format.

---------

Co-authored-by: Dominic R <dominic@sdko.org>
2026-04-16 17:35:38 +00:00


---
title: Integrate with FortiManager
sidebar_label: FortiManager
support_level: community
---
## What is FortiManager
> FortiManager is an enterprise solution that enables centralized network management, ensures compliance with best practices, and automates workflows to enhance breach protection.
>
> -- https://www.fortinet.com/products/management/fortimanager
## Preparation
The following placeholders are used in this guide:
- `fortimanager.company` is the FQDN of the FortiManager installation.
- `authentik.company` is the FQDN of the authentik installation.
:::info
This documentation only lists the settings that have been changed from their default values. Please verify your changes carefully to avoid any issues accessing your application.
:::
## authentik configuration
To support the integration of FortiManager with authentik, you need to create an application/provider pair in authentik.
### Create an application and provider in authentik
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Applications** and click **New Application** to open the application wizard.
    - **Application**: provide a descriptive name, an optional group for the type of application, the policy engine mode, and optional UI settings.
    - **Choose a Provider type**: select **SAML Provider** as the provider type.
    - **Configure the Provider**: provide a name (or accept the auto-provided name), the authorization flow to use for this provider, and the following required configurations.
        - Set the **ACS URL** to `https://fortimanager.company/saml/?acs`.
        - Set the **Issuer** to `https://authentik.company/application/saml/<application_slug>/sso/binding/redirect/`.
        - Set the **Service Provider Binding** to `Post`.
    - **Configure Bindings** _(optional)_: you can create a [binding](/docs/add-secure-apps/bindings-overview/) (policy, group, or user) to manage the listing and access to applications on a user's **My applications** page.
3. Click **Submit** to save the new application and provider.
## FortiManager Configuration
1. Navigate to `https://fortimanager.company/p/app/#!/sys/sso_settings` and select **SAML SSO Settings** to configure SAML.
2. Under **Single Sign-On Mode**, choose **Service Provider (SP)** to enable SAML authentication.
3. Set the **SP Address** field to the FortiManager FQDN, `fortimanager.company`. This provides the URLs needed for configuration in authentik.
4. Choose the **Default Login Page** as either **Normal** or **Single Sign-On**. Selecting **Normal** allows both local and SAML authentication, while **Single Sign-On** restricts login to SAML only.
5. By default, FortiManager creates a new user if one does not exist. Set the **Default Admin Profile** to assign the desired permissions to new users. A `no_permissions` profile is created by default for this purpose.
6. Set the **IdP Type** field to **Custom**.
7. For the **IdP Entity ID** field, enter: `https://authentik.company/application/saml/<application_slug>/sso/binding/redirect/`
8. Set the **IdP Login URL** to: `https://authentik.company/application/saml/<application_slug>/sso/binding/redirect/`
9. Set the **IdP Logout URL** to: `https://authentik.company/`
10. In the **IdP Certificate** field, import your authentik certificate (either self-signed or valid).
## Configuration verification
To confirm that authentik is properly configured with FortiManager, log out of FortiManager and log back in via authentik.
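
If the login fails, comparing a captured `SAMLResponse` form value against the settings above usually shows which field is out of step. The following is an added example, not part of the authentik documentation; the slug `fortimanager` and the sample response are constructed for illustration, and the script compares fields only (it does not verify the XML signature).

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def expected_values(authentik_fqdn, fortimanager_fqdn, slug):
    """URLs this guide enters on the authentik and FortiManager sides."""
    idp = f"https://{authentik_fqdn}/application/saml/{slug}/sso/binding/redirect/"
    return {"issuer": idp, "acs": f"https://{fortimanager_fqdn}/saml/?acs"}

def check_response(b64_response, expected):
    """List mismatches between a captured SAMLResponse and the guide's settings.

    Only compares fields; it does not verify the XML signature.
    """
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS).strip()
    if issuer != expected["issuer"]:
        problems.append(f"Issuer {issuer!r} does not match IdP Entity ID")
    if root.get("Destination") != expected["acs"]:
        problems.append(f"Destination {root.get('Destination')!r} does not match ACS URL")
    if root.find(".//ds:Signature", NS) is None:
        problems.append("no ds:Signature element; IdP Certificate cannot be used")
    return problems

def sample_response(issuer, destination, signed=True):
    """Constructed, minimal Response for the demo (placeholder signature element)."""
    sig = '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>' if signed else ""
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
           f'Destination="{destination}"><saml:Issuer>{issuer}</saml:Issuer>'
           f"{sig}</samlp:Response>")
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    # "fortimanager" is an assumed application slug, not a value from the guide.
    exp = expected_values("authentik.company", "fortimanager.company", "fortimanager")
    good = sample_response(exp["issuer"], exp["acs"])
    # Constructed mismatch: issuer differs by a trailing slash and is unsigned.
    bad = sample_response(exp["issuer"].rstrip("/"), exp["acs"], signed=False)
    print(check_response(good, exp))
    for problem in check_response(bad, exp):
        print("MISMATCH:", problem)
```
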
## Resources
- [Community post on the Fortinet forum](https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-Configure-SAML-SSO-login-with-Azure-AD/ta-p/198324)