PingFederate® is a full-featured federation server that provides identity management, web single sign-on, and API security for customers, partners, and employees. Users can securely access the applications they require with a single identity using any device. PingFederate® supports all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth, and OpenID Connect.
Duo's two-factor authentication is now available for PingFederate SSO user logins.
This integration communicates with Duo's service on TCP port 443. Also, we do not recommend locking down your firewall to individual IP addresses, since these may change over time to maintain our service's high availability.
The security of your Duo application is tied to the security of your secret key (skey). Secure it as you would any sensitive credential. Don't share it with unauthorized individuals or email it to anyone under any circumstances!
Download the Duo Security Integration Kit from PingFederate Server Integration Kits Downloads.
Refer to Ping Identity's Duo Security Integration Kit Product Documentation for installation and configuration instructions. Follow the directions to deploy Duo in your PingFederate environment.
To update your installed Duo integration kit to a newer version you'll need to:
Download the most recent version of the Duo integration kit from PingFederate Server Integration Kits Downloads.
Extract the contents of the downloaded ZIP file and copy those files to your Ping server(s), replacing the existing Duo kit files.
Restart PingFederate services.
See the Upgrade from a previous installation section in Ping's documentation for complete instructions. You'll need to update each server in your PingFederate cluster separately.