Configuring SAML for FortiMail
Setting FortiMail
Go to System -> Customization -> Single Sign On:
Toggle “Enabled” switch to on
Toggle “Webmail” switch to on
Insert IdP (HES) metadata as text or file in Identity Provider (IDP) Metadata section
Click Apply
Download SP (fortimail) metadata
Setting HES
Go to Settings -> Parameters -> SAML section:
Click Add Service Provider button:
Issuer - Entity ID from FortiMail
Assertion Consumer Service - ACS URL from FortiMail
Public x509 Certificate - Certificate from FortiMail
NameID Format - Email
NameID Value - Email
Add Assertion Attributes:
SAML Attribute - urn:oid:0.9.2342.19200300.100.1.3
User Attribute - Email