Hello Community. I was wondering if anyone out there has implemented or is familiar with connecting your K2 environment with SSO through Duo authentication? (https://duo.com/) Was looking for any help or guidance.
We just had a support call where we attempted to set this up but were unable do so due to needing to obtain an additional (licensed) Microsoft product to make it work. The available options are different for K2Cloud and K2Five (On Prem).
For K2Five (On Prem), you can do WS-Federaion so any system that supports WS-Federation (like Okta and Ping Identity) would work. Duo doesn't currently support WS-Federation, unfortunately, but it does have a connector into ADFS that will allow you to use ADFS as the go-between to K2. So, basically, you can do this if you use ADFS as your IDP and if your ADFS is set up to use Duo via an ADFS/Duo plug-in Module.
For K2Cloud, the only SSO option at present is Azure Active Directory. If you have the appropriate (Premier) level of service in AzureAD, then you are able to plug Duo into AzureAD and plug AzureAD into K2. It sounds like there is the possibility of other WS-Federation providers being added at some point but not are available as of right now.
In summary, my understanding is that the current state is that there is currently no direct integration between K2 and Duo for either on-prem or cloud but Duo integration can be achieved through a third party (Microsoft) go-between such as ADFS or AzureAD if you have the proper Microsoft licensing level to support it.