Authentication in FortiConnect with Facebook

Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin

FortiConnect can be configured to authenticate Facebook users that access the network. This document focuses on the configuration required to enable the integration of FortiConnect and Facebook.

NOTE: This document is based on FortiConnect 16.9.5 release.

To add the Facebook authentication server navigate to Network Access Policy >
Authentication Policy from the FortiConnect Administrative Console and configure the connection settings for Facebook authentication. The parameters highlighted in this image require configuration on the Facebook Developers Console.

Generating the Facebook Application ID and Secret

Configure the parameters described in this section prior to configuring the Facebook Authentication policy in the FortiConnect Administrative Console.

This section describes mandatory Facebook configurations only.

  1. Login into the Facebook Developers Console (https://facebook.developers.com).
  2. In the dashboard, click the drop down on the top left panel and click Create New App.

  3. Enter a unique Display Name and your Contact Email. Click Create App ID. Complete the requisite security check and click Submit.

  4. Select Facebook Login as the social login product and click Setup.

  5. Select Web platform to add the Facebook login and enter the FortiConnect FQDN as the Site URL. Click Save.

    You are not required to mandatorily modify the subsequent tabs.

  6. Navigate to Settings > Basic. The generated Facebook App ID and the App Secret are displayed. Click Show to view the App Secret; you are required to re-authenticate the Facebook login credentials.
    The generated App ID and App Secret are required to be populated in the FortiConnect Administrative Console.

  7. Navigate to Facebook Login > Settings and enter the Valid OAuth Redirect  URIs in the format – https://<FortiConnect FQDN>/<Controller IP>?command=FacebookAuthExample: https://fbforforticonnect.mycompany.com /portal/192.168.1.1/?command=FacebookAuth.

  8.  

    Notes:

  • These configurations are done in the In Development mode. Click Off to switch to the production mode to make your application go live.

  • In order to be granted access to certain user information, Facebook requires your application to undergo a review process, click App Review. For more information read specific Facebook guidelines and policies on this page.
 

Configuring FortiConnect

After configuring Facebook, update the FortiConnect Administrative Console to conclude the integration between Facebook and FortiConnect.

 

 

 

 

  • Facebook App ID and Facebook App Secret – See section Generating the Facebook Application ID and Secret.
  • Attribute Mappings – The rules/attribute mappings required for the server.

After the Facebook authentication policy is successfully created, some specific Guest Portal configurations are required for Facebook.

  1. Navigate to Guest Portals > Portal Policy > Realm Restrictions and add Facebook to the Selected Realms. Click Save.
  2. Navigate to Guest Portals > Portal Policy > Facebook Profile and update the Facebook Profile Settings. Select the additional information you intend on requesting from the client. Click Save.

 

 

 

 

 

 

Note:

  • Facebook shares the additional information based on user preference.
    Selecting a type of information does not guarantee that you get it.
  • Fortinet does not control the requirements imposed by Facebook, you are required to familiarize yourself with any changes to the Facebook policies and update the Facebook application accordingly.
Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin