Edit: Oops, I misunderstood your question initially. I am rather new to my role and still learning. Yes, my expert colleague Kristina explains in this post that Duo Access Gateway is a SAML 2.0 capable identity provider (or IdP).
You can set up Duo to protect Connectwise Manage via SSO using the generic SAML service provider:
- Deploy Duo Access Gateway
- Point it to Active Directory as the primary authentication source
- Set up SSO for ConnectWise Manage. When you do this you’ll be bouncing between the Duo Admin Panel (where you create the generic SAML application using whatever parameters/attributes ConnectWise recommends), your Duo Access Gateway server’s admin interface (where you add the application you created in the Duo Admin Panel), and the ConnectWise management console (where you tell it to use Duo for SSO).
This might be a good reference for you: https://docs.connectwise.com/ConnectWise_Documentation/090/020/070/140/SAML_and_SSO_Frequently_Asked_Questions
Thanks to @DuoKristina for this answer!