FortiToken Cloud - Admin Guide Version 21.2.d FORTINET DOCUMENT LIBRARY https://docs.fortinet.com

FORTINET VIDEO GUIDE https://video.fortinet.com

FORTINET BLOG https://blog.fortinet.com

CUSTOMER SERVICE & SUPPORT https://support.fortinet.com

FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/support-and-training/training.html

NSE INSTITUTE https://training.fortinet.com

FORTIGUARD CENTER https://www.fortiguard.com

END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf

FEEDBACK Email: [email protected]

JJune 28, 2021 FortiToken Cloud 21.2.d Admin Guide TABLE OF CONTENTS

Introduction 7 Main features 7 Licensing 8 Compatible Fortinet applications 9 Supported browsers 9 Important notes 9 Transferring auth clients 10 Use of non-officially supported FOS 10 The same token for the same user on multiple auth clients 10 FOS 6.2.3 and 6.4.0 CLI differences 10 Admin accounts and realms 11 Supported hard tokens 11 No SMS MFA with FAC as LDAP server 11 A single FTC user in multiple auth clients 11 FAC users' name issues on FTC GUI 12 How to use FortiClient 12 Product documentation and support 12 Release history 14 21.2.d 14 21.2.c 14 21.2.a 14 21.1.a 14 20.4.d 15 20.4.c 15 20.4.a 15 20.3.e 15 20.3.d 15 20.2.c 16 20.1.b 16 20.1.a 16 4.4.c 16 4.4.b 17 4.3.a 17 4.2.d 17 4.2.c 17 4.2.b 17 Getting started—FGT-FTC users 18 Register your FTC subscription 18 Upgrade FortiOS 19 Log in to the FortiToken Cloud portal 19 Activate FGT VDOMs for FTC service 20 Add an admin user for FTC service 20

FortiToken Cloud 21.2.d Admin Guide 3 Fortinet Technologies, Inc. Add a local user for FTC service 20 Add remote FortiGate users for FTC service 21 Getting started—FAC-FTC users 22 Register your FTC subscription 22 Upgrade FortiAuthenticator OS 23 Log in to the FortiToken Cloud portal 23 Activate FAC for FTC service 24 Add an admin user for FTC service 24 Add a local user for FTC service 24 FOS CLI commands for FortiToken Cloud 26 Global system configuration 26 Access FTC management commands 26 Configure admin users 27 Configure local users 28 Configure local LDAP users for FTC service 29 Configure wildcard LDAP users for FTC service 29 Configure local RADIUS users for FTC service 30 Diagnose FortiToken Cloud 30 FortiToken Cloud GUI 32 Launch FortiToken Cloud 33 Log in as a regular FTC user 34 Log in as an IAM user 34 FortiCloud 34 The FortiCloud Logo 35 Your FortiCloud account 35 Services 35 Support 37 Dashboard 37 Last 10 attempts in 30 days 38 Administrators 39 Create a sub-admin group 40 Delete a sub-admin group 41 Realms 41 Create a custom realm 42 Edit a realm 43 View realm permission 43 Delete a realm 43 View realm settings 44 Users 44 Get a new FTM token 46 Auto-assign FTKs to selected users 46 Add user aliases 46 Hide/Show full FortiAuthenticator username 47 View a user's auth clients 47 Edit a user 47

FortiToken Cloud 21.2.d Admin Guide 4 Fortinet Technologies, Inc. FortiProducts 48 Assign an auth client to a realm 49 Edit an auth client 49 Viewing additional information about an auth client 49 Delete an auth client 49 Web Apps 50 Add an auth client 50 Regenerate the API credentials 51 Edit a web app 51 Delete a web app 51 Devices (HA) 52 Search for a standalone device 52 Add devices to cluster 52 Remove devices from a cluster 53 Move a device between clusters 53 Mobile Tokens 53 Hardware Tokens 54 Add hard tokens manually 55 Batch-upload hard tokens 55 Assign a hard token to a user 56 Delete hard tokens 56 Usage 57 View usage data 57 View current user count and user quota 58 Credits 58 Flexible credit-based usage model 58 SKUs and user limits 59 Number of users vs. number of auth client and realms supported 59 Replenish your credit balance 60 Licenses 61 Settings 61 Global 61 Realm 63 Templates 69 Logs 71 Authentication logs 71 Management logs 73 FortiToken Mobile 76 Supported FTM apps 76 Activate FTM tokens 77 Activate third-party tokens 77 Use FTM tokens 77 FAQs 78 Does Fo