fortigate_-_entra_id_saml_sso

Differences

This shows you the differences between two versions of the page.

fortigate_-_entra_id_saml_sso [2025/12/12 22:04] – [References] osofortigate_-_entra_id_saml_sso [2026/01/27 23:14] (current) – [SAML Claim Mapping (Azure → FortiGate)] oso
Line 33: Line 33:
 **Edit the existing “groups” claim** so that it sends **Group Object IDs** (not display names). **Edit the existing “groups” claim** so that it sends **Group Object IDs** (not display names).
   * The expected claim name must be ''group''   * The expected claim name must be ''group''
 +
 +<WRAP center round important 60%>
 +**must** be ''group''
 +</WRAP>
 +
  
 {{:2024-01-15_14_16_40.png?nolink|}} {{:2024-01-15_14_16_40.png?nolink|}}
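Review bot: The new WRAP box contains only the fragment "**must** be ''group''", with no subject, so a reader who sees the callout without the bullet above it cannot tell what must be named ''group''. It also repeats that bullet word for word. Either drop the bullet and spell the box out in full, for example "The SAML claim name **must** be ''group''", or keep the bullet and use the box for what is easy to miss here: the step edits the existing "groups" claim, but the expected name is the singular ''group''. The two empty added lines around the box can go as well.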
Line 53: Line 58:
 If the Azure claim sends the wrong attribute or the Object ID doesn't match exactly, FortiGate will not associate the session with the group, and the VPN connection will be denied. If the Azure claim sends the wrong attribute or the Object ID doesn't match exactly, FortiGate will not associate the session with the group, and the VPN connection will be denied.
  
----+https://learn.microsoft.com/en-us/entra/identity/saas-apps/fortigate-ssl-vpn-tutorial
 ====== Create Test User and Security Group in Entra ID ====== ====== Create Test User and Security Group in Entra ID ======
   * Create test user   * Create test user
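Review bot: The URL added just above the "Create Test User and Security Group in Entra ID" heading is bare, with no link text and no sentence saying why it is there, and it lands on the row where the old side shows the ''----'' separator. Give it a title in DokuWiki link syntax, for example [[https://learn.microsoft.com/en-us/entra/identity/saas-apps/fortigate-ssl-vpn-tutorial|Microsoft tutorial: FortiGate SSL VPN with Entra ID]], and consider moving it to the References section that the previous revision edited. If the separator was removed by this change, restore it so the claim-mapping section does not run straight into the next heading.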
fortigate_-_entra_id_saml_sso.1765577052.txt.gz · Last modified: 2025/12/12 22:04 by oso