Duo End-user

In this document you are going to set up IDmelon as an external IdP to the Duo-user.

Login to Duo administration panel


Log in to the Duo Admin Panel.

Add Identity Provider


Click Single Sign-On in the left sidebar, and then if active Required click active and start then click Add Saml Identity Provider .

IDmelon SAML configuration


You should copy values of below fields from the Duo panel to the IDmelon Panel.

Copy Entity ID Value

Copy Assertion Consumer Service URL

Configure Duo Single Sign-On


SAML Identity Provider Configuration

Get all values for {..} from your IDmelon panel.
If you are currently login here, you will see the replaced values instead.

Choose Custom Display Name

Paste Entity ID : idp_issuer_uri

Paste Single Sign-On URL : idp_single_sign_on_url

Paste Single Single Logout URL : idp_single_sign_on_url

Paste Single Logout Redirect URL : https://duo.com/

Import Certificate : idp_certificate_download_url

Choose Username normalization : Simple

Click Save

Click Duo Central in the left sidebar, and then if active Required click active and start.

Passwordless


Click Configuration & Policy

Activate : Status to Online

Choose : Duo Central name

Create your custom subdomain or Use default

Add Idmelon to Duo-user as passwordless and/or one Factor access

Scroll down to policy options Click Edit Global Policy

Click Authentication policy Choose Bypass 2FA

Click Authentication methods then disable all options of 2FA methods.

Click Save Policy

API Token


Go to Applications

Click on Protect an Applications

Search for Admin API & Click on Protect

Copy values Protect

1

Integration key

2

Secret key

3

API hostname

Click on Save Changes

Add Application


Click Tiles to add applications to your Duo-user dashboard

Add tile

Choose to Add Applications or Add Bookmarks

Example Add Application tile

Choose your custome app

Click Add tile

All Done.

IDP-Init/SP-Init support


Note that Duo-user doesn’t support IDP-Init