Open alandotcom opened 4 years ago
Are you able to get this to function via Duo Push? I was able to edit some of the code to send a push but cannot verify_factor then.
@radsec no, it does not work with Duo Push. We were specifically told by the Duo support team that it won't work with push (due to how the onelogin<>duo integration works)
We're using OneLogin + Duo. Recently, we tried setting up saml2aws but ran into a few issues.
First, it was necessary to change a few things in saml2aws to get it working the v2 of their API, as well as adding supporting for Duo as an MFA option.
https://github.com/reciprocity/saml2aws/pull/2/files
I plan on cleaning this up, fixing the tests, and pushing a PR in the future. Any help is appreciated!
Second, we spent quite some time with Duo & OneLogin support, as the normal process for setting up Duo and OneLogin was not sufficient. Below I'll paste the instructions we had to follow:
Apparently, we had to use the "Partner Auth API", which was different than how it was originally setup.
OneLogin does not document this very well. In case anyone else is testing this out, here's a very basic script for testing that you can get a valid SAML assertion from OneLogin:
https://gist.github.com/lumberj/fa1fef183005c726946644342a368473