Support for 3rd-party SAML IdP

Hello @paolo,

Thank you for reaching out. Currently, our supported IdPs are Microsoft and Okta. I will discuss your request for FortiAuthenticator support with our Product Owner to evaluate the possibility of future support for this IdP.

We will keep you updated on any developments.

Best regards,

Thanks
I think there is no need to specifically support FortiAuthenticator itself.
A generic implementation of the SAML protocol would support many IdP (FortiAuthenticator included)

We currently use it with many other solutions

Thanks

I've got a quick question for you @paolo to help us determine the scope of your feature.

Do you require the synchronization of groups, or is only user synchronization necessary for your use case?

I'm trying to determine the feasibility of doing an implementation that could be generic for any IdP or something we will need to do specifically for Fortinet.

Thanks,

Hi
I think user Sync would be enough
IdP would auth the user, devolutions should match the email or username (claim based) with already imported/invited users and Grant the access with the configured profile.
If IdP user has no match with Devolutions user, then should throw access denied.

Hi
I don't know if I misunderstood your question.
I don't really need user sync (like SCIM?)
We are ok inviting users with the traditional mode (email invite)
I just need to authenticate the user with my IdP and match it with the configured user on your platform through SAML claim like email.

Let me know if you need any other detail

Thanks in advance

Hello @paolo,

I understood your demand correctly. You don't need Provisionning (SCIM) activated in order to use Single Sign-On (Microsoft or Okta) with Hub Business.