Define Duo to authenticate Cortex XSOAR

Define the Duo application to provide single sign on (SSO) for Cortex XSOAR.
  1. Log in to Duo and click
    Applications
    .
  2. Click
    Protect an Application
    .
  3. Find
    Generic Service Provider - 2FA with SSO hosted by Duo (Single Sign-On)
    in the application list and click
    Protect
    .
  4. In the Service Provider section, enter the following, using the url of your Cortex XSOAR installation:
    Parameter
    Value
    Entity ID
    https://
    <cortexxsoarURL>
    Assertion Consumer Service
    https://
    <cortexxsoarURL>
    /saml
    Single Logout URL
    https://
    <cortexxsoarURL>
    /saml-logout
    Service Provider Login URL
    Keep this field blank.
    Default Relay State
    Keep this field blank.
  5. In the SAML Response section, change the following:
    1. Change the
      NameID format
      drop-down from
      urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      to
      urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
      .
    2. Leave
      NameID attribute
      as
      <Email Address>
      and
      Signature algorithm
      as
      SHA256
      .
    3. In the
      Signing Options
      section, clear the
      Sign assertion
      checkbox.
  6. Map attributes:
    IdP Attribute
    SAML Response Attribute
    <Username>
    urn
    <Email Address>
    Email
    <First Name>
    FirstName
    <Last Name>
    LastName
  7. Role attributes:
    Parameter
    Value
    Attribute name
    memberOf
    Service Provider’s Role
    The SAML role in Cortex XSOAR that will be mapped to the Duo group
    Duo Groups
    The Duo group you created
  8. Click
    Save
    .

Recommended For You