Duo

  1. Login to your Duo Account.

A screenshot of a cell phone

Description automatically generated

2. Click Applications on the left. Then click Protect an Application.

3. Search for Generic Service Provider, and click Protect on the line item that says Single Sign-On (hosted by Duo).

A screenshot of a cell phone

Description automatically generated

4.Copy the Entity Id and Single Sign on URL for use in Plextrac. These correspond to the Identity Provider Single Sign-On URL and Provider Issuer URL fields.

A screenshot of a cell phone

Description automatically generated

5. Download the SAML Metadata xml and copy the value for the X509Certificate. Fill out the rest of the fields for the application. The value for the Entity ID is {{your_domain}}. The value for the Assertion Consumer Service is {{your_domain}}/api/v2/saml/authenticate.

A screenshot of a cell phone

Description automatically generated

6. Make sure the Name ID Format is EmailAddress and the signature algorithm SHA256.

A screenshot of a cell phone

Description automatically generated

7. Press Save. You can now enter the information into Plextrac. Please note that Duo only provides secondary authentication, and that you will need to have separately configured primary authentication through Duo. That is outside the scope of this tutorial.