Duo End-user
In this document you are going to set up IDmelon
as an external IdP to the Duo-user
.
Login to Duo administration panel
- Log in to the Duo Admin Panel.
Add Identity Provider
- Click Single Sign-On in the left sidebar, and then if active Required click active and start then click Add Saml Identity Provider.
IDmelon SAML configuration
You should copy values of below fields from the Duo panel to the IDmelon Panel.
- Copy Entity ID Value
- Copy Assertion Consumer Service URL
Configure Duo Single Sign-On
SAML Identity Provider Configuration
Get all values for
{..}
from your IDmelon panel. If you are currently login here, you will see the replaced values instead.- Choose Custom Display Name
- Paste Entity ID : idp_issuer_uri
- Paste Single Sign-On URL : idp_single_sign_on_url
- Paste Single Single Logout URL : idp_single_sign_on_url
- Paste Single Logout Redirect URL : https://duo.com
- Import Certificate : idp_certificate_download_url
- Choose Username normalization : Simple
- Click Save
- Click Duo Central in the left sidebar, and then if active Required click active and start.
Passwordless
- Click Configuration & Policy
- Activate : Status to Online
- Choose : Duo Central name
- Create your custom subdomain or Use default
Add IDmelon to Duo-user as passwordless and/or one Factor access
- Scroll down to policy options Click Edit Global Policy
- Click Authentication policy Choose Bypass 2FA
- Click Authentication methods then disable all options of 2FA methods.
- Click Save Policy
API Token
- Go to Applications
- Click on Protect an Applications
- Search for Admin API & Click on Protect
- Copy values for Protect:
- Integration key
- Secret key
- API hostname
- Click on Save Changes
Add Application
- Click Tiles to add applications to your Duo-user dashboard
- Add tile
- Choose to Add Applications or Add Bookmarks
- Example: Add Application tile
- Choose your custom app
- Click Add tile
- All Done.
IDP-Init/SP-Init support
Note that Duo-user doesn’t support IDP-Init