Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
626
Views
0
Helpful
2
Replies

DUO SSO from Visual Studio

Tim Wallace
Level 1
Level 1

‎09-21-2023 12:02 PM - edited ‎09-22-2023 10:22 AM

I am working on a contract that requires the use of DUO SSO. The application is a .NET Core application. In the past, I have used other IdPs that support providing https://localhost:1234 (some port number) as the redirect URL so that one can test the IdP authentication from within the Visual Studio (or any other) IDE. I have tried that with DUO SSO, but as of yet I am getting an error on the /authentication step and am not sure if this is contributing to the error. has anyone else successfully used DUO SSO while debugging their application on their local computer? If so, are there any tips/hints you can give that I may be missing? Thanks in advance.

UPDATE: the part that was not working was because of the AuthenticationMethod and ResponseMode. I changed the values to "RedirectGet" and "query", respectively, and the authentication worked. Thank you to the two community members who responded to this post.

Labels:
0 Helpful
2 Replies 2

ahmedbilal9870
Level 1
Level 1

‎09-21-2023 12:08 PM

Configuring and testing Single Sign-On (SSO) with Duo Security for a .NET Core application in a local development environment can be a bit tricky but is certainly doable. It's essential to set up the integration correctly to avoid issues during debugging. Here's a general approach to help you get started and troubleshoot any issues:

  1. Duo SSO Configuration:

    • Ensure that you have set up your Duo SSO application correctly within the Duo Admin Panel. Make sure that the Redirect URL is configured appropriately for your local development environment. For local testing, it should be set to https://localhost:1234 or the specific port you are using.

    • Verify that you have added the appropriate integration keys and secret keys in your .NET Core application's configuration settings.

  2. SSL Configuration:

    • For Duo SSO to work with local host you may need to have a self-signed SSL certificate configured on your local development environment. You can create one using tools like OpenSSL or use development tools like "dotnet dev-certs" for .NET Core. Ensure that your application uses this SSL certificate.

  3. Local Development Server:

    • Make sure that your .NET Core application is running locally and listening on the specified port (e.g., 1234). Ensure that your application is set up to use HTTPS with the self-signed certificate.

  4. Firewall and Proxy Settings:

    • Check your firewall settings and ensure that your local development server is accessible via HTTPS on the specified port. Sometimes, firewall settings can block incoming requests.

    • If you are behind a corporate firewall or proxy, make sure that your local development environment can reach Duo's servers over the internet. Duo might need to communicate with its servers for authentication.

  5. Logging and Error Handling:

    • Implement detailed logging in your .NET Core application, especially during the authentication process. This can help you identify the specific issue you're encountering.

    • Check the logs for any error messages or exceptions during the authentication process. Duo might provide error codes or messages that can help diagnose the problem.

  6. Testing Flow:

    • Test your SSO flow step by step. Start with initiating authentication and ensure that the redirect URL matches what you've configured in Duo.

    • Check if Duo is correctly redirecting back to your local environment after authentication.

  7. Duo Support and Documentation:

    • If you're still facing issues, reach out to Duo Security's support. They can provide specific guidance and assistance for your integration.

  8. Community Resources:

    • Check forums, communities, or GitHub repositories for other developers who might have faced similar issues with Duo SSO integration in .NET Core. They might share their solutions or workarounds.

Remember that security and authentication issues can be complex, so it's essential to follow best practices and ensure that your local development environment closely mirrors your production environment. Additionally, keep sensitive information, such as API keys and secrets, secure and never hardcode them in your code.

Finally, testing SSO with Duo in a local development environment can sometimes be challenging due to network and security constraints, so thorough testing in a controlled environment is crucial before deploying to production.

0 Helpful

DuoKristina
Cisco Employee
Cisco Employee

‎09-22-2023 09:37 AM

So, the solution you are trying to create will have your .NET core application perform SAML or OIDC authentication to Duo's SSO service, and Duo SSO is configured to point to either Active Directory or another SAML identity provider for primary credential authentication?

What error are you receiving?

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents