Duo security provides a great way of authenticating your users for your self-hosted Humio installation.
Before configuring SAML authentication, a few things needs to be in place:
Open your DAG and take note of the following parameters from the Applications page
Save the certificate to a known location on your Humio host.
Change the following configuration properties in Humio
PUBLIC_URL(See explanation in configuration properties))
SAML_IDP_SIGN_ON_URLto the value of “SSO URL” from the DAG
SAML_IDP_ENTITY_IDto the value of “Entity ID” from the DAG
SAML_IDP_CERTIFICATEwith the location of your DAG certificate. If running the Docker image, please make sure you have mounted a certs volume by adding the following volume
Read the output of
http://$YOUR_HUMIO_URL:$PORT/api/v1/saml/metadata and take notes of the following values
md:EntityDescriptor#entityID, which should be a url starting with your
md:AssertionConsumerService#Location, which should be a url starting with your
Log into your Duo account and add a new “Generic SAML Service Provider”, where