Powered by Algolia

    Duo authentication

    If you need to use Duo multi-factor authentication (MFA), single sign-on (SSO), or the Duo authenticator app for authentication in OpenIAM, follow the steps below to configure it.

    Configuring the Duo account

    1. Sign up for a Duo account at https://signup.duo.com.
    2. Log in to the Duo Admin Panel and navigate to Applications (https://admin.duosecurity.com/).
    3. Click Protect an Application and locate the 2FA-only entry for Web SDK.
    4. Click Protect to configure the application and obtain your Client ID, Client Secret, and API Hostname. You will need this information to complete the setup. See Protecting Applications on the Duo website for additional details.
    5. Activate Universal Prompt for your Web SDK 2FA entry.

    Universal prompt

    More instructions are available in Duo’s documentation: https://duo.com/docs/oauthapi#first-steps.

    Configuring OpenIAM

    1. Create a new authentication provider using the DUO authentication provider type, and fill in the required fields.

    New auth provider

    Fields to fill

    1. Set Duo authentication as the default authentication provider.

    Default auth provider

    1. Use the default Duo authentication rule or create a new rule that includes the required authentication types.

    Auth rule

    Example

    The example below shows how the About page is selected for Duo authentication.

    1. Select the desired item in the menu.

    Selecting item on the menu

    1. Redirect to the Duo server using the API Hostname value.

    API hostname

    1. Enter the code received on your phone.

    Phone code

    1. After successful authentication, you are redirected back to OpenIAM using the Redirect URI configured on the authentication provider page.
    Previous
    Criipto authentication
    Next
    Microsoft Modern authentication