Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all, was curious if anyone has a recommendation for how to accomplish my use case with Duo, or knows it may not be possible.
I sell a web-based application for customers to install on their own websites. It has its own internal user database and ...
Curious if there’s a Duo module or recommended SAML config method to protect apps behind apache or nginx so the SAML auth can occur at the web server level instead of the app, or just for site access?
I’ve got a client with Duo set to block browsers if they’re out of date by a month. They have users with Windows build 18363, which appears to date to December, and is otherwise still supported. That release, if fully patched, has Edge 18.18363. D...
Curious if anyone has heard dates on when Duo will support tokens in Safari. Safari 13 has been out a while now and my users still can’t use their Yubikeys with it and Duo; I’d have hoped Duo would have been ahead of the curve getting ready for it w...
We have a policy blocking access to applications if Java is installed. We have a user being blocked for having Java, the Duo log simply says Java is “enabled”, it doesn’t show a version. As best I can tell, the machine in question has not had a Jav...
This is a frustrating weakness in the platform. I put in a feature request related to this about a year ago; no progress yet. I asked that there be a way to set via policy that the authenticating device cannot be the same as where the app requestin...
Unfortunately that’s accurate; they have hard coded to only work with that entity. Nonsensical choice on their part given it appears they’re just using SAML regardless; guess we can just complain to them or take the biz elsewhere.
Dooley:
Quick update here, as I know this is a popular feature request:
Firefox has a different implementation of U2F compared to Chrome with a newer protocol, and we are working on a project to implement support for that protocol universally ac...
