Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
13675
Views
0
Helpful
1
Comments

D326 Duo Release Notes for October 24, 2025

Rick Wong
Cisco Employee
Cisco Employee

on ‎10-24-2025 06:00 AM - edited on ‎10-27-2025 01:10 PM by Cisco Employee

Hello everyone! Here are the release notes for our most recent updates to Duo. 

Public release notes are published on the Customer Community every other Friday, the day after the D-release is completely rolled out to commercial deployments. You can subscribe to notifications for new release notes by following the process described here. Check the Duo cloud service release version for your Duo account from the Duo Admin Panel. 

If you have any questions about these changes, please comment below. 

Review the Guide to Duo End-of-Life and End-of-Support Plans. This guide provides an up-to-date list of current and past end-of-life plans for Duo products.

 

 

Cisco Duo 

 

New Features 

Now Generally Available: Policy Bulk Apply enables customers to apply and unassign authentication policies to multiple groups and integrations. Learn more in the Duo Blog

Continuing Beta: New Policy Editor - The new Duo policy editor, which began rolling out in September, has now reached 50% of Duo customers. 

Now Generally Available: New Admin API endpoint for listing configured external directory syncs.

Enhancements 

  • Added the ability to send Authentication Method Reference (AMR) values to applications protected by Duo Single Sign-On (SSO): 
    • AMR values allow downstream applications to know which authentication methods were used to help it decide what level of access to provide. 
    • Available as a mappable attribute on each application page: 
      • SAML applications: In “Mapped Attributes” under “IdP Attributes” select AMR from the drop-down to send it as a SAML attribute. 
      • OIDC applications: Sent as the claim amr in the id_token.
  • Added Zscaler Inc, as a supported macOS Passport application.
  • Added a new label and filter in authentication logs to differentiate between failed authentications due to a biometric policy violation. Authentications from devices which have biometrics configured but not used at authentication time are marked "Biometric verification failed" while those from a device which does not have biometrics configured are marked "Biometric verification disabled". 
  • The OIDC Auth API Authorization Request endpoint now supports optional arguments for destination application information in the request payload. Third-party SSO solutions may use the dest_app_name and dest_app_id arguments to pass information about the actual application a user is logging in to as part of the authorization request to Duo.

 

New and Updated Applications  

New Duo Single Sign-On Applications

 

  • There is one new named OIDC application: 
    • TestRail - automatic provisioning with generic SCIM unsupported.

 

  • Updates to two existing named SAML applications: 
    • RingCentral and LaunchDarkly – automatic provisioning with generic SCIM changed from supported but unverified to unsupported. 

 

Duo Desktop 7.12.1.0 for macOS Public Beta Released  

  • Improved device registration by preventing failures when the keychain is locked. 
  • Internal changes to support upcoming Duo Federal deployments for Secure Access. 

 

Duo Desktop 7.12.1 for Windows Public Beta Released  

  • Fixed an issue preventing Automatic Updates from being downloaded and installed. 
  • Internal changes to support upcoming Duo Federal deployments for Secure Access. 
  • Minor improvements to Secure Access communication resilience.  

 

Duo Mobile for Android 4.100.0 Released 

  • Miscellaneous bug fixes and behind-the-scenes improvements. 
     

Duo Mobile for iOS 4.100.0 Released 

  • Miscellaneous bug fixes and behind-the-scenes improvements. 

 
 

Bug Fixes 

  • Endpoint matching for os_type with trailing .0 will now match correctly. This was caused by differences between trailing .0s on os_type between our collection from Duo Desktop / Duo Mobile vs the useragent_string.  
  • Universal Prompt: When using Remembered Devices with a passcode authentication factor, Duo now only requires that the authentication factor used in the original authentication is still allowed by the current policy. Previously there had been a requirement that all passcode factors allowed in the original authentication must still be allowed by the current policy, regardless of the passcode factor actually used.  
  • Fixed an issue that could cause incomplete Duo Desktop registrations to incorrectly block devices when “Block devices presenting currently registered device identifiers” is enabled. 

 

Identity Intelligence 

 

Enhancements 

  • Cisco Identity Intelligence Integration with Splunk via AWS S3 - Cisco Identity Intelligence (CII) now supports integration with Splunk through AWS S3, starting with Splunk Security Cloud version 3.2.0! This new method complements our existing Splunk webhook integration. By utilizing AWS S3 as an intermediary, organizations can securely exchange data without expanding their security perimeter or adding extra DMZs. The dedicated AWS S3 connector ensures efficient, per-user event delivery and batch transfers. Customers maintain control of their AWS S3 storage and policies, while Cisco handles secure updates. Learn more on SplunkBase, in the Splunk CII User Guide, on our blog, or with the Interactive Walkthrough Demo. 

 

0 Helpful
Comments
DuoKristina
Cisco Employee
Cisco Employee
‎10-27-2025 01:12 PM

Updated post to add new directory sync Admin API endpoint and enhancements to the OIDC API authorization request endpoint.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Discussion Forums   Subscribe to Duo Release Notes      
 
 
Customers Also Viewed These Support Documents