SSO against Cisco Duo Identity Provider

This article describes how to configure Cisco Duo to enable Imagicle users to login to web portal, gadgets and Attendant Console with Single Sign-on based on SAML protocol.

Prerequisites

In order to successfully configure your Cisco Duo, you should have the following data:

• User Pool ID
• Redirect URI

More details are available here.

Procedure

1. Login to your DUO admin portal
2. Select Applications item from the left menu panel

3. Click on “Protect an Application” 
4. Enter “generic” in the search box
5. Hit “Protect” button, included in “2FA with SSO hosted by Duo” protection type
6. In "Service Provider" section, please enter the User Pool ID in the "Entity ID" field. See below:

7. In the “Assertion Consumer Service (ACS) URL” field, please enter the Redirect URI. See below:

8. In "SAML Response" section, enter the NameID format corresponding to an email address. See below:

9. In NameId attribute, please select "Email Address". See below:

10. In “Settings” section, enter the Name "Imagicle SSO" to identify Imagicle applications. See below:

11. Hit “Save”
12. Click on “Download XML” button:

13. Please send downloaded file to Imagicle Team to complete the SSO federation.