Skip to main content
  • EN

AD_4nXdPot9DjwCXZwGYYaDV8pdGTFtZ0gv-sZjFLyiLZ0ZoT7QLR9jYqstWL2c42d-sEx_HwaGzGrSueCK0kLRa-SlWP85ue6TmwIQ1XkhkGvwSsT71pAXELH-ixIscmc-7UwBWIhQAog?key=n9aIwzmRkdPi2UQg_ClYJfb4

Netskope Global Technical Success (GTS)

Netskope Admin SSO - DUO

 

Netskope Cloud Version - 128

 

Objective

This document provides step-by-step instructions to configure SSO with DUO for Netskope Admin accounts, enabling seamless authentication and role-based access.

 

Prerequisites

DUO Admin Access – Required to configure SAML in Google Admin Console.

Netskope Admin Access – Required to enable SSO in the Netskope tenant.

 

Configuration

  1. Log in to your Cisco Duo Admin Panel.
  2. In the left-hand navigation menu, locate and click on “Applications”.
  3. Under the "Manage" section, click on “Applications” to view and manage the list of integrated applications.

    ​​​​
  4. Click Add Application, search for "Generic SAML Service Provider" in the App Catalog, and click Add to begin configuration.
  5. Set a name for the application, then copy the Entity ID and Single Sign-On URL from the application details page
  6. Scroll to the certificate section and download the Identity Provider (IdP) certificate as shown in the screenshot below
  7. Switch to your Netskope Console and go to Settings > Administration > SSO > Add New Account.
  8. Configure the SSO account as shown below by pasting the Single Sign-On URL and Entity ID copied from Duo, and uploading the certificate downloaded from Duo. 

    Note: The UI in the screenshot shows an additional Domain field because multiple IdP SSO configurations is enabled on my tenant. You can ignore this if you have only one IDP SSO provider.

  9. Click the Save button, then navigate to Netskope Settings.
  10. Copy the displayed URLs from Netskope Settings to add them in Duo.
  11. In Duo, under the Service Provider section, paste the values you copied from Netskope.
  12. Under the Role Attribute section, enter "admin-role" as the attribute name. In the Service Provider Role section, specify the role you want to assign (e.g., "Tenant Admin"). Also, add the desired user group.

Save the configuration in Duo, then test the setup by logging into Netskope.

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.
Be the first to reply!

Badges Winner

Show all badges

Not finding what you're looking for?

Don't be shy and let us know about your challenge.

Ask your question here!
Terms & ConditionsCookie settings