hiltwine.blogg.se

DUO ADMIN LOGIN PAGE HOW TO

If a user accesses the self-service portal while logging into the Office 365 Application, the authentication methods they can enroll are determined by the enabled authentication methods in the Office 365 application’s policy.

The self-service portal policy applies to access into the self-service portal but once a user has gained access, the authentication methods they can enroll are determined by the policy of the originating protected application.

User location (you can use this policy to block use of the self-service portal, but not to bypass it).

Any policy that could bypass authentication will be ignored and all users will be required to authenticate (or blocked if specified in policy).

Users in bypass status will be unable to access the self-service portal.

Even if you apply a remembered devices policy to the self-service portal, it will not take effect.

Remembered devices is disabled on the self-service portal as users should always have to authenticate to manage their devices.

The self-service portal page shows the policies enabled. If self-service portal policy isn't already enabled, select the radio button next to Use the policies below to control access to the self-service portal at the top of the page.Ĭlick Apply policies. Once you have configured the settings, click Save. See application options for more information. These settings are a portion of the same settings seen in a 2FA application's settings. Learn more about the recommended settings for the self-service portal policy.

We recommend only enabling the following authentication methods:

Follow the policy documentation on how to create and apply a custom application policy.ĭuo recommends only allowing phishing-resistant authentication methods. Under "Policy" click on Apply a policy to all users to apply a self-service portal policy for all users.

Log into the Duo Admin Panel and click Policies in the left sidebar.Ĭlick on Self-Service Portal in the left sidebar under "Policies". To enable the self-service portal policy: Access to the self-service portal is still enabled on a per-application basis. This policy will be applied anywhere the self-service portal is enabled. This allows for stricter access while maintaining a different policy for normal application access. You can apply a separate policy to the self-service portal within the Universal Prompt and Duo Central device management. If you enable self-service for an application, consider disabling phone callback as an authentication method or applying some additional policy controls to the application, such as restricting User Location to your expected countries, or reducing your max credits per action telephony setting to only the credit amount needed for phone calls to your users' expected locations to avoid telephony misuse via the self-service portal. Check the Let users manage their devices box to enable self-service for that application.Ĭlick the Save Changes button at the bottom of the application's properties page. The self-service portal configuration option is present under "Settings" if the application supports the self-service portal feature. Log into the Duo Admin Panel and click Applications in the left sidebar.Ĭlick an application's name to open that application's properties page. To enable self-service for one of your applications: Role required: Owner, Administrator, or Application Manager.ĭuo's self-service portal is enabled on a per-application basis.

The self-service portal is an available option for Duo web-based applications, select VPN applications, Duo Single Sign-On and Duo Access Gateway applications, Microsoft applications, and any Duo applications that offer inline self-enrollment and authentication prompt via the browser. The self-service portal feature is part of the Duo Premier, Duo Advantage, and Duo Essentials plans. Your users can add, edit, and remove authentication methods from the Duo traditional prompt or Universal Prompt while logging in to protected applications. Overviewĭuo's self-service portal saves time for both administrators and end users by eliminating the need to contact IT staff for authentication device changes. Empower your users with the ability to manage their authentication devices by enabling Duo's self-service portal for your applications.

DUO ADMIN LOGIN PAGE HOW TO