Back to top

Search Results

Duo Security SAML SSO Setup


Duo can provide access to multiple single-sign on providers. Follow this simple guide to get your Duo account tied to your account.

Configuration Steps

Sign in as an Duo Administrator

  • Click on the Applications tab
  • Click on the Protect Application Button
  • Search for SAML – Service Provider
  • Click on Protect this application link


Specify Service Provider Settings

Service provider name: DeliverySlip
Entity ID: Contact for entity id
Assertion Consumer Service:


Specify SAML Respose Settings

NameID format: Leave as default (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress)
NameID attribute: mail
Send attributes: Select NameID
Signature algorithm: SHA-256
Sign response: Checked
Sign assertion: Checked


SAML Map Attributes

Add the following map attributes

IdP Attribute SAML Response Attribute
mail Email
mail Logon
givenName FirstName
sn LastName


Additional Settings

Name: SAML – Deliveryslip
Username normalization: Select Simple


Click on Save. The page will refresh and in the Configure SAML Service Provider section, you should see a link to Download your configuration file. Click on this link to save the file – this file is used to add the new application to the Duo Access Gateway.


Duo Access Gateway

  • Log onto the Duo Access Gateway
  • Click on the Applications tab
  • Browse to then upload the SAML configuration file previously downloaded


Once the application is configured, click on the Download XML Metadata link. This will create a file named dag.xml. Send this file with your account information to We will complete the configuration on our end and send final instructions.