__duo__
The __duo__ integration with enables secure user authentication through SAML configuration and the Duo Access Gateway. Learn about essential prerequisites, including DAG installation and root account setup, along with detailed steps for configuring both and __duo__ account settings to establish secure authentication protocols.
__duo__ provides a great way of authenticating your users for your installation.
Prerequisites
Before configuring SAML authentication, ensure the following:
Duo Access Gateway (DAG) is installed and configured with at least one Authentication Source.
Make sure you have one root account added, typically by adding your email address in the user administration section of . For more information, see Manage Users.
For more information about __duo__ Single Sign-on for SAML, see Duo Single Sign-On for Generic SAML Service Providers.
Configure the __duo__ app
First, open your DAG and go to the Applications page. Take note of the SSO URL and Entity ID parameters. Save the certificate to a known location on your host.
Next, log into your __duo__ account and add a new
Generic SAML Service
Provider. Set the Entity ID to
md:EntityDescriptor#entityID,
Assertion Consumer Service to
md:AssertionConsumerService#Location,
and NameID Attribute to
email.
Configure to use __duo__
When __duo__ is configured to work with , you must configure to work with __duo__.
To configure __duo__ to work with , you must set the configuration variables as described in Configure SAML for Self-Hosted.
Test the __duo__ integration setup
Once all of the necessary steps to set up the __duo__ authentication for are completed, you need to test the setup.
Go to a Terminal and start with the following command:
shell./run.shAllow two to three minutes for to start.
Connect to localhost in a browser. It should redirect you to an __duo__ login.
Sign into your __duo__. You should be taken to .