When both the IdP factor and the Duo Security MFA factor are active, then users subject to an effective sign-on policy that requires multifactor will see both the traditional Duo Prompt factor and the new Duo OIDC factor available for them to use in Okta. Plan to migrate your users to the new Duo OIDC IdP factor with Duo Universal Prompt from the legacy Duo Security MFA factor (with traditional Duo Prompt) in stages. Migration from Duo MFA Factor to Duo OIDC Factor See Duo Knowledge Base article 7546 for additional guidance. If your organization requires IP-based rules, please review Duo Knowledge Base article 1337.Įffective June 30, 2023, Duo no longer supports TLS 1.0 or 1.1 connections or insecure TLS/SSL cipher suites. This application communicates with Duo's service on SSL TCP port 443.įirewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. Deploy the traditional Duo Prompt Okta MFA Factor configuration instead. Duo Federal plans do not include support for the Duo custom OIDC IdP factor solution. Duo Requirementsĭuo MFA for Okta with Universal Prompt is available to Duo Premier, Duo Advantage, and Duo Essentials commercial plans. If you have concerns about your upcoming platform migration please contact Okta support. If unsure, confirm with Okta Support.Ĭustom factor-only identity providers and sign-on policies created for Duo in Okta Classic should remain intact through an Okta Identity Engine tenant migration. Okta Identity Engine customers - You should already have the required features enabled in your Okta tenant.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |