Define the Duo application to provide single sign-on (SSO) for Cortex XSOAR.
Before you start, create a Duo group for Cortex XSOAR users.
Log in to Duo and click Applications.
Click Protect an Application.
Find Generic Service Provider - 2FA with SSO hosted by Duo (Single Sign-On) in the application list and click Protect.
In the Service Provider section, enter the following, using the URL of your Cortex XSOAR installation:
Parameter                     Value
Entity ID                     https://<cortexxsoarURL>
Assertion Consumer Service    https://<cortexxsoarURL>/saml
Single Logout URL             https://<cortexxsoarURL>/saml-logout
Service Provider Login URL    Keep this field blank.
Default Relay State           Keep this field blank.
In the SAML Response section, change the following:
Change the NameID format drop-down from urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
Leave NameID attribute as <Email Address> and Signature algorithm as SHA256.
In the Signing Options section, clear the Sign assertion checkbox.
Map attributes:
IdP Attribute        SAML Response Attribute
<Username>           urn
<Email Address>      Email
<First Name>         FirstName
<Last Name>          LastName
Role attributes:
Parameter                  Value
Attribute name             memberOf
Service Provider’s Role    The SAML role in Cortex XSOAR that will be mapped to the Duo group
Duo Groups                 The Duo group you created
Click Save.
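One way to confirm the saved settings, as an added example that is not part of the original documentation: the Python script below checks a decoded SAML response from a test login against the NameID format, signing option, and attribute names configured above. The sample response, user, and role value are constructed, and the script inspects structure only; it does not validate signatures.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
EXPECTED_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
# SAML Response Attribute names from the "Map attributes" and "Role attributes" tables.
REQUIRED_ATTRIBUTES = ("urn", "Email", "FirstName", "LastName", "memberOf")

def check_response(xml_text):
    """Return a list of mismatches between a decoded SAML response and the settings above."""
    root = ET.fromstring(xml_text)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return ["no saml:Assertion element found"]
    problems = []
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    if name_id is None:
        problems.append("NameID missing")
    elif name_id.get("Format") != EXPECTED_NAMEID_FORMAT:
        problems.append("NameID format is %s" % name_id.get("Format"))
    # "Sign assertion" is cleared, so the assertion should carry no signature of its own.
    if assertion.find("ds:Signature", NS) is not None:
        problems.append("assertion is signed; 'Sign assertion' should be cleared")
    attrs = {}
    for a in assertion.findall("saml:AttributeStatement/saml:Attribute", NS):
        attrs[a.get("Name")] = [v.text or "" for v in a.findall("saml:AttributeValue", NS)]
    for name in REQUIRED_ATTRIBUTES:
        if not any(attrs.get(name, [])):
            problems.append("attribute %s missing or empty" % name)
    return problems

def build_sample(nameid_format, attributes):
    """Build a constructed, unsigned SAML response for testing the checker."""
    attr_xml = "".join(
        '<saml:Attribute Name="%s"><saml:AttributeValue>%s</saml:AttributeValue></saml:Attribute>' % kv
        for kv in attributes.items())
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s"><saml:Assertion>'
            '<saml:Subject><saml:NameID Format="%s">analyst@example.com</saml:NameID></saml:Subject>'
            '<saml:AttributeStatement>%s</saml:AttributeStatement></saml:Assertion></samlp:Response>'
            % (NS["samlp"], NS["saml"], nameid_format, attr_xml))

if __name__ == "__main__":
    # Constructed sample values; "xsoar-analysts" is a hypothetical role name.
    sample = build_sample(EXPECTED_NAMEID_FORMAT, {
        "urn": "analyst", "Email": "analyst@example.com", "FirstName": "Ana",
        "LastName": "Lyst", "memberOf": "xsoar-analysts"})
    print(check_response(sample) or "response matches the configured settings")
```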