I’m trying to enable DUO SSO for webex (Conrtol Hub). Azure AD is configured as authentication source.
I made all steps according to this guide https://duo.com/docs/sso-webex#top. But when I test SSO on Control Hub page I see such error: Cannot create NameID. Source attribute ‘Email’ does not exist.
At the same time I see logs about successful login to webex in DUO and Azure admin panels. Moreover DUO creates a new user.
Seems that something wrong with NameID format or attributes. In Azure nameID format uses user.mail: NameID Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress”
In SAML tracer I see that webex sends nameID in transient format: Format=“urn:oasis:names:tc:SAML:2.0:nameid-format:transient”
Also in SAML tracer I see that correct Email attribute is sending as webex expects: Attribute Name=“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/Email”>
I opened case to webex and DUO team but everybody told me that everything was Ok from their side.
I read appropriate topic on the DUO KB and checked configuration many times, but issue is still here.
I would appreciate everyone who can help solve this issue. Thanks!