Issue with DUO and ADFS Users

Saltuk · May 14, 2020, 7:11pm

We want to have MFA using Duo enabled also for users from ADFS.

The problem is that the Auth0 user_id of such users is in the form “user_id”: “TestAdfs|testuser@auth0testdomain.com” - containing a pipe “|” in it. And Duo SDK explicitly disallows usernames to contain pipes - duo_nodejs/duo.js at master · duosecurity/duo_nodejs · GitHub

Would you be able to help us here? I tried to google for how to configure ADFS enterprise connection and Duo at the same time, but did not find anything.

Saltuk · May 14, 2020, 7:13pm

With DUO MFA, it is possible to customize the MFA rule to send a custom username attribute. On our reference DUO rule, this attribute is disabled. On the following gist, I have used this attribute to send the user id with pipe characters removed.

konrad.sopala · May 15, 2020, 9:00am

Thanks for sharing that Saltuk!

Saltuk · May 30, 2020, 9:12am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Duo MultiFactor- Unauthorized Help auth0 , mfa , mfa-duo	16	5220	September 6, 2019
2 factor authentication is not working with Duo Help mfa , duo-security-factor	3	55	November 1, 2024
DUO MFA asking users to re-enroll even though they already are registered with DUO Knowledge Articles mfa-duo , enroll	0	1592	November 11, 2022
Importing users and devices from DUO Help duo , mfa-duo	2	3310	April 21, 2020
Custom Login UI with Duo MFA Help mfa , duo	2	3940	December 17, 2018

Issue with DUO and ADFS Users

Related topics