NOTE: At this time we do currently support IDP initiated integration through SAML only. If your intention is to use IDP Okta outside a SAML based authentication, we currently don't support IDP but would recommend SP initiated for that authentication.
  1. 1.
    Login to your Duo Account.
2. Click Applications on the left. Then click Protect an Application.
3. Search for Generic Service Provider, and click Protect on the line item that says Single Sign-On (hosted by Duo).
4.Copy the Entity Id and Single Sign on URL for use in Plextrac. These correspond to the Identity Provider Single Sign-On URL and Provider Issuer URL fields.
5. Download the SAML Metadata xml and copy the value for the X509Certificate. Fill out the rest of the fields for the application. The value for the Entity ID is {{your_domain}}. The value for the Assertion Consumer Service is {{your_domain}}/api/v2/saml/authenticate.
6. Make sure the Name ID Format is EmailAddress and the signature algorithm SHA256.
7. Press Save. You can now enter the information into Plextrac. Please note that Duo only provides secondary authentication, and that you will need to have separately configured primary authentication through Duo. That is outside the scope of this tutorial.
Last modified 5mo ago
Copy link