Configure Duo as a SAML source
Copy link

Create a new SAML Application in Duo
Copy link

  1. In the Duo Admin Portal, select Applications.
  2. Select Protect an Application.
  3. Search and select Generic Service Provider.
  4. Select the option with Protection Type 2FA with SSO hosted by Duo.

Add Service Provider metadata to Duo
Copy link

  1. In the Service Provider section of your cloud application in Duo, enter the Entity id and ACS URL.
  2. In the Entity id field, paste the Security Console Entity ID URL, for example: http://rapid7.com/nsc/console/…
  3. In the Assertion Consumer Service (ACS) URL field, paste the Security Console ACS URL, for example: https://<console-hostname>:<console-port>/saml/SSO
  4. If the ACS URL contains hostname/FQDN please set a Base Entity URL in the Vulnerability Management (InsightVM) Security Console

Configure attributes in Duo
Copy link

  1. On the DUO NameID format field set the format to nameid-format:emailAddress.
  2. Set the NameID attribute to Email Address.
  3. Set the Signature Algorithm to SHA-256.

Download and upload metadata
Copy link

  1. On DUO’s Metadata page, click Download XML Metadata file.
    1. In the Security Console, go the Administration page.
  2. In the Console section, click Authentication: 2FA and SSO.
  3. Click Configure SAML Source.
  4. Click Choose File and select the Azure metadata XML file.
  5. Click Save.
  6. Restart the console services.

Create a user in the Security Console
Copy link

  1. On the Administration page, under User Management, click Add User.
  2. Complete the required User Information fields. The E-mail address field is case sensitive, and must exactly match the existing IdP user account email value.
  3. Select SAML Authorization Method > SAML.
  4. Select the User Role.
  5. Assign Site and Asset Group Permissions.
  6. Click Save.

Authenticate to Vulnerability Management (InsightVM) using SAML
Copy link

  1. Login to your Duo application landing page.
  2. Select the Rapid7 Vulnerability Management (InsightVM) Console tile.