IdP 3.2 and multiple Duo Applications

Cantor, Scott cantor.2 at
Tue Dec 15 20:01:08 EST 2015

On 12/15/15, 7:12 PM, "users on behalf of Yavor Yanakiev" <users-bounces at on behalf of yavor at> wrote:

>We use Duo integration based on Unicon/University of Chicago setup but it seems to have one crucial limitation: it doesn't support multiple Duo application. At the moment, the Duo arguments related to the application are provided by properties with fixed
> names which are hard coded into DuoAuthenticationService.groovy

I think that's largely impractical, based on my understanding, because you would need separate shared secrets and identification strings for every SP for that to work. One could build out some kind of table logic to handle it for a subset I guess, but it appears to just be largely impractical to me with their design. A flaw I think, but not sure it's really solvable.

-- Scott

More information about the users mailing list