DuoOIDC and forcedAuthn

John C. Pfeifer pfeifer at umd.edu
Thu Jun 9 17:41:21 UTC 2022

I am in the process of switching over to the DuoOIDC module (nimbus plugin). I have set idp.authn.DuoOIDC.forcedAuthenticationSupported to true. When I exercise that (after having already establishing an SSO session), I am required to do username/password and then am redirected though Duo but no user action is required (presumably due to the session in Duo still being valid). This is the behavior I expected, but there are those here who were hoping that this would require the user to “do Duo” again. Is there something in the configs that I am missing or are they living in a fantasy world?

John Pfeifer
Division of Information Technology
University of Maryland, College Park

More information about the users mailing list