Duo SSO Integration

Ascend can integrate with Duo for SSO authentication purposes. In order to configure Duo SSO, please go through the following steps:

  1. Ensure that Duo is enabled for SSO.
  2. In the Duo Admin panel, navigate to Applications
  3. Click Protect an Application and locate the entry for Generic Service Provider. You may use "2FA with SSO hosted by Duo (Single Sign-On)" or "2FA with SSO self-hosted (Duo Access Gateway)"
  1. Fill in the Entity ID. The Entity ID is the global, unique name for Duo Single Sign-On. The most commonly used pattern: use the hostname for the service as the Entity ID.
  2. Fill in the Assertion Consumer Service. This value will require your custom Ascend subdomain filled in as follows:
  1. In the SAML response section, ensure the NameID Format is set to SAML 2.0
  1. Set the Map Attributes to include the user's email and username.
  1. Ensure these settings are saved. You will then need to send the Metadata URL to your Ascend support engineer via an encrypted secure messaging system (we prefer Keybase but happy to work with others too).

After this is set up, your users will be able to authenticate into Ascend through Duo SSO.

Updated about a month ago

Duo SSO Integration

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.