This article describes that FortiSASE fails to get Microsoft Entra Groups.
Scope
FortiSASE.
Solution
The FortiSASE is configured to connect to Microsoft Entra for SAML Authentication, but FortiSASE is unable to fetch the groups configured on Microsoft ENTRA, and its showing as Failed to get Microsoft Entra Groups.
Things to Check:
- The SAML test from FortiSASE shows as successful.
- SAML users can connect to a VPN without any issues.
Issue:
As shown below, FortiSASE is still unable to fetch the groups configured on Microsoft ENTRA, and it is showing as failed to get Microsoft Entra Groups.
Before searching for Azure user groups from FortiSASE, the group searching permission needed to be configured on Azure.