Log back in to the DualShield Admin Console
Go to SSO>Service Providers
Click on on the top right.
Fill in the details as per the screenshot on the right and make sure you select SAML 2.0(Without Metadata) as Type.
Copy and paste the Entity ID, ACS and Logout URL from the SP details on the Fortinet UI (see above)
Click on Attributes at the top
Click Create
Use the following Values:
Option | Value |
---|---|
Location | HTTP Body |
Name | username |
Format | unspecified |
Maps To | userPrincipleName |
Click Save
Click on General Settings at the top
Set NameID Format to Map to the following Attribute
Select Username in the Attribute dropdown
The completed Service Provider dialogue box will look like this:
Click Save
Go to SSO>SSO Servers
Select the drop-down menu corresponding to the SSO server you will be using and click on View
Click on Display Metadata at the bottom
Search through the metadata for the Entity ID, Single Sign-On URL and Single Logout URL
Go back to the Fortinet UI to IdP Settings. Set the IdP type to Custom.
Select the Remote Certificate you uploaded earlier (Refer to Import IdP Certificate into FortiGate)
Copy the Entity ID, Single Sign-On URL and Single Logout URL from the IdP metadata on DualShield and paste them into the corresponding fields under IdP Settings on Fortinet
Click OK
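
The three values searched for in the Display Metadata step can also be pulled out of the metadata XML with a short script, which avoids copy errors and rejects endpoints that are not HTTPS. This is an added example, not DualShield or Fortinet code; the sample metadata is constructed, `idp.example.com` is a placeholder host, and the binding preference order is an assumption.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
BINDINGS = "urn:oasis:names:tc:SAML:2.0:bindings:"
# Assumption: prefer HTTP-Redirect, then HTTP-POST; reorder for your SP.
PREFERRED = (BINDINGS + "HTTP-Redirect", BINDINGS + "HTTP-POST")

# Constructed sample; paste the real text shown by "Display Metadata" instead.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.com/sso/saml2/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.com/sso/saml2/slo"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.com/sso/saml2/sso-post"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.com/sso/saml2/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def pick_endpoint(idp, tag):
    """Return the Location of the endpoint with the most preferred binding."""
    endpoints = idp.findall(MD + tag)
    for binding in PREFERRED:
        for ep in endpoints:
            if ep.get("Binding") == binding:
                return ep.get("Location")
    return None

def idp_settings(metadata_xml):
    """Extract the Entity ID, Single Sign-On URL and Single Logout URL."""
    root = ET.fromstring(metadata_xml)
    # Metadata may be a bare EntityDescriptor or wrapped in EntitiesDescriptor.
    entity = root if root.tag == MD + "EntityDescriptor" else root.find(MD + "EntityDescriptor")
    if entity is None:
        raise ValueError("no EntityDescriptor found")
    idp = entity.find(MD + "IDPSSODescriptor")
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    settings = {"entity_id": entity.get("entityID"),
                "sso_url": pick_endpoint(idp, "SingleSignOnService"),
                "slo_url": pick_endpoint(idp, "SingleLogoutService")}
    for name, value in settings.items():
        if not value:
            raise ValueError(f"{name} missing from metadata")
        # The entity ID is an identifier; only the endpoints must be HTTPS URLs.
        if name != "entity_id" and not value.startswith("https://"):
            raise ValueError(f"{name} is not an https URL: {value}")
    return settings
```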