Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
https://github.com/Versent/saml2aws
MIT License
2.04k stars 556 forks

unable to authenticate saml2aws profile using duo #1284

Open mpatil3598 opened 3 weeks ago

mpatil3598 commented 3 weeks ago

We are unable to authenticate the saml profile using duo, getting the below error:

Using IdP Account default to access JumpCloud https://sso.jumpcloud.com/saml2/aws
To use saved password just hit enter.
? Username
? Password

Authenticating as ...
? Select which MFA option to use DUO MFA authentication
Error authenticating to IdP.: error retrieving Duo configuration, non 200 status returned

scottyrogers commented 3 weeks ago

It looks like DUO has made some changes; this correlates with when saml2aws stopped working for us.

Important: Duo is ending support for the traditional Duo two-factor authentication prompt on March 30, 2024. JumpCloud supports Duo universal prompt and recommends admins update to that method. https://jumpcloud.com/support/configure-duo-security-mfa#protecting-the-user-portal-with-duo-mfa

saml2aws log output

DEBU[0001] building provider command=login idpAccount="account {\n URL: https://sso.jumpcloud.com/saml2/aws\n Username: XXXXX@XXXX.com\n Provider: JumpCloud\n MFA: DUO\n SkipVerify: false\n AmazonWebservicesURN: urn:amazon:webservices\n SessionDuration: 3600\n Profile: default\n RoleARN: \n Region: \n}"
Authenticating as XXXXX@XXXX.com ...
DEBU[0007] HTTP Req URL="https://console.jumpcloud.com/userconsole/auth" http=client method=POST
DEBU[0007] HTTP Res Status="401 Unauthorized" http=client
DEBU[0007] HTTP Req URL="https://console.jumpcloud.com/userconsole/auth/duo" http=client method=GET
DEBU[0008] HTTP Res Status="404 Not Found" http=client
error retrieving Duo configuration, non 200 status returned
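Added example, not part of the comment above and not code from the saml2aws project: a small Go helper that pairs the `HTTP Req` / `HTTP Res` debug lines from the log in this thread to show which request returned the non-200 status. `PairExchanges` and `LastFailure` are hypothetical names, and the helper assumes each response line follows its request line, as in the log shown.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Exchange is one request/response pair recovered from saml2aws debug output.
type Exchange struct{ Method, URL, Status string }

var reqRe = regexp.MustCompile(`HTTP Req URL="([^"]+)".*method=(\S+)`)
var resRe = regexp.MustCompile(`HTTP Res Status="([^"]+)"`)

// PairExchanges attaches each "HTTP Res" line to the "HTTP Req" line before it.
// A request with no logged response keeps an empty Status.
func PairExchanges(log string) []Exchange {
	var out []Exchange
	for _, line := range strings.Split(log, "\n") {
		if m := reqRe.FindStringSubmatch(line); m != nil {
			out = append(out, Exchange{Method: m[2], URL: m[1]})
		} else if m := resRe.FindStringSubmatch(line); m != nil && len(out) > 0 && out[len(out)-1].Status == "" {
			out[len(out)-1].Status = m[1]
		}
	}
	return out
}

// LastFailure returns the final exchange without a 200 status (empty counts as failed).
func LastFailure(ex []Exchange) (Exchange, bool) {
	for i := len(ex) - 1; i >= 0; i-- {
		if !strings.HasPrefix(ex[i].Status, "200") {
			return ex[i], true
		}
	}
	return Exchange{}, false
}

// sampleLog holds the HTTP debug lines quoted in this thread.
const sampleLog = `DEBU[0007] HTTP Req URL="https://console.jumpcloud.com/userconsole/auth" http=client method=POST
DEBU[0007] HTTP Res Status="401 Unauthorized" http=client
DEBU[0007] HTTP Req URL="https://console.jumpcloud.com/userconsole/auth/duo" http=client method=GET
DEBU[0008] HTTP Res Status="404 Not Found" http=client
error retrieving Duo configuration, non 200 status returned`

func main() {
	if f, ok := LastFailure(PairExchanges(sampleLog)); ok {
		fmt.Printf("failing step: %s %s -> %q\n", f.Method, f.URL, f.Status)
	}
}
```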

mapkon commented 3 weeks ago

Any of you interested in submitting a PR for this?