cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
806
Views
0
Helpful
1
Replies

Duo SSO for intranet sites

sigveo
Level 1
Level 1

Hello. We have Duo SSO set up with Active Directory as identity source. Can we use Duo SSO and Duo Central for local intranet web applications for users accessing the application from intranet? In other words; does the login url for the application need to be publicly available?

1 Reply 1

DuoPablo
Cisco Employee
Cisco Employee

Hi @sigveo ,

Duo SSO (a SAML IdP) is hosted in the cloud, so it must be able to communicate to your application’s (a SAML Service Provider) ACS URL. Additionally, your application must be able to communicate with Duo SSO’s /metadata and /sso URLs, which are publicly accessible upon creation of the application in the Duo Admin Panel (Single Sign-On for Generic SAML Service Providers | Duo Security).

If you are looking to protect an internal application, please see if it is compatible with RADIUS, LDAPS, WebSDK, or Auth API.

Hope this helps!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links