Central Authentication Server (CAS): Duo Security

Duo Security's two-factor authentication is able to secure access to Central Authentication Server (CAS) deployments, complete with self-service enrollment and Duo Prompt.

Duo Security does not provide a native CAS integration. Unicon includes support for Duo in their third-party multifactor module for CAS 4.1.x. See Unicon's CAS-MFA project wiki for additional information.

CAS 5.0.x includes Duo multifactor support. See the CAS Documentation for configuration instructions.

First Steps

Sign up for a Duo account.
Log in to the Duo Admin Panel and navigate to Applications.
Click Protect an Application and locate CAS (Central Authentication Service) in the applications list. Click Protect this Application to get your integration key, secret key, and API hostname. (See Getting Started for help.)

Connectivity Requirements

This integration communicates with Duo's service on TCP port 443. Also, we do not recommend locking down your firewall to individual IP addresses, since these may change over time to maintain our service's high availability.

Configure CAS

Download and apply the Unicon MFA plugin overlay for CAS 4.1.x to your CAS deployment or configure Duo within CAS 5.0.x, using the application information from step one above.

Troubleshooting

Need some help? Take a look at our CAS Knowledge Base articles or Community discussions. For further assistance, contact Support.

Documentation