Issue with DUO and ADFS Users

Saltuk · May 14, 2020, 7:11pm

We want to have MFA using Duo enabled also for users from ADFS.

The problem is that the Auth0 user_id of such users is in the form “user_id”: “TestAdfs|testuser@auth0testdomain.com” - containing a pipe “|” in it. And Duo SDK explicitly disallows usernames to contain pipes - duo_nodejs/duo.js at master · duosecurity/duo_nodejs · GitHub

Would you be able to help us here? I tried to google for how to configure ADFS enterprise connection and Duo at the same time, but did not find anything.

Saltuk · May 14, 2020, 7:13pm

With DUO MFA, it is possible to customize the MFA rule to send a custom username attribute. On our reference DUO rule, this attribute is disabled. On the following gist, I have used this attribute to send the user id with pipe characters removed.

konrad.sopala · May 15, 2020, 9:00am

Thanks for sharing that Saltuk!

Saltuk · May 30, 2020, 9:12am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
2 factor authentication is not working with Duo Help mfa , duo-security-factor	3	51	November 1, 2024
Change DUO authentication method Help auth0 , mfa , mfa-duo	3	2948	July 22, 2020
Custom Database Migrating Users That already have a MFA OTP secret Help mfa , one-time-password-otp-factor	4	163	June 27, 2024
Setup different MFA options for different applications under same account Help mfa , mfa-sms	4	2782	March 15, 2021
Sync User MFA on login - Custom Database Connection Help mfa , connections , custom-database-connections	5	1245	August 14, 2024

Issue with DUO and ADFS Users

Related Topics