Federating Okta with Duo Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Tristan RohrerTristan Rohrer 

Federating Okta with Duo

Hi All,

I'm very new to Okta, but I need to get a head start on a very important component of our project - federation with our partner organizations. We have a partner who is interested in federating with us, and they currently use Duo Security for authentication. I know that Okta already has some Duo integration built-in, however, it seems tailored toward integrating our own company's Duo (which we do not use). 

I'm thinking we would need to create an inbound SAML IdP in Okta, and then they could configure our Okta tenant as the SP in Duo, but I'm curious if anyone has worked with this scenario before and can confirm that line of thought.

Bogdan MusatBogdan Musat (Okta, Inc.)
Thank you for reaching out to Okta, my name is Bogdan.
The only way that I can see this type of integration working is to somehow have the DUO MFA before actually federating with Okta.
The users should be prompted for DUO before they are asked to sign-in into Okta, if your customer has a way that would allow them to setup a policy that would prompt their user for DUO that would be perfect.
However, I would recommend opening a ticket with Okta support for us to have a better understanding of the integration that you would like.

Thank you,
Bogda Musat