AWS scripted authN via IdP with Duo 2FA

IAM David Bantz dabantz at alaska.edu
Mon Aug 14 16:15:30 EDT 2017


My colleague needs to leverage our existing IdP-AWS integration for
scripted logins to use AWS APIs.  The script provided by AWS at
https://aws.amazon.com/blogs/security/how-to-implement-a-general-solution-for-federated-apicli-access-using-saml-2-0/
works for users who do *not* use Duo in the IdP, but it does not extend to
those with Duo enabled because it does not know to consume and provide
appropriate responses as user agent to the Duo prompts for choice of 2nd
factor (push, phone, key, etc.).

We're hoping someone here has successfully done such integration and is
willing to share how you did it.

David Bantz
UA OIT IAM