Level Up QA
The Authentication Proxy in Action

The Authentication Proxy in Action

The Duo Authentication Proxy is a key component for many protected applications. Learn practical tips for configuring, troubleshooting, and optimizing the Authentication Proxy in your environment.

Cancel Apply

rate limit

Code not recognized.

About this course

A properly configured Duo Authentication Proxy is essential in providing the best Duo experience for both administrators and end-users. This on-premises software service is a component of many Duo integrations by adding two-factor authentication to on-premises applications, as well as communicating with the Duo cloud service to return access approval or denials. In addition to providing two-factor authentication, the Duo Authentication Proxy is required for importing Active Directory or OpenLDAP users into Duo via sync, Active Directory authentication for Duo Single Sign-On, and can also act as an HTTP proxy itself for other systems that also need to contact Duo's cloud service.

This course will introduce how the Authentication Proxy handles communication between applications, identity sources, and the Duo cloud service. We will also explore how to configure and troubleshoot the Authentication Proxy, as well as introduce key best practices to configure your setup for high availability and business continuity in the event of a service disruption. 

By the end of this course, you should be able to:

  • Describe how the Authentication Proxy interacts with external identity stores and communicates with the Duo cloud service
  • Create and edit the Authentication Proxy configuration file (authproxy.cfg) based on the environment
  • Enable debug logging and interpret logs for troubleshooting issues, including practical tips to diagnose:
    • Connectivity issues using the the Connectivity Tool
    • Errors in the Authentication Proxy log
    • The Authentication Proxy service failing to start
  • Configure the Authentication Proxy for high availability and business continuity for preparedness in the event of a service disruption 

Curriculum

  • Introduction
  • Installing the Authentication Proxy
  • Visualize the Authentication Flow
  • Building the Configuration File
  • Configuring the Authentication Proxy
  • Example: Single Application Config File
  • Workshop: Building authproxy.cfg for a Single Application
  • Multiple Appliances & Identity Servers
  • Example: Multi-Server Config File
  • Workshop: Building authproxy.cfg for Multiple Applications
  • Additional Tips for Building Config Files
  • Troubleshooting the Authentication Proxy
  • Authentication Proxy Service Dependencies
  • Video: Troubleshooting Duo Authentication Proxy Issues - 11:17 (Optional)
  • PDF: Troubleshooting the Duo Authentication Proxy
  • Logs & Troubleshooting Tools
  • Fixes & Additional Resources
  • High Availability & Business Continuity
  • High Availability & Business Continuity
  • Working With Multiple Authentication Proxy Servers
  • Workshop: Configuring a Second Authentication Proxy Server
  • Monitoring the Authentication Proxy & Duo Cloud Service
  • Taking the Next Step
  • Knowledge Check
  • Share feedback (Optional)
  • Course Complete

About this course

A properly configured Duo Authentication Proxy is essential in providing the best Duo experience for both administrators and end-users. This on-premises software service is a component of many Duo integrations by adding two-factor authentication to on-premises applications, as well as communicating with the Duo cloud service to return access approval or denials. In addition to providing two-factor authentication, the Duo Authentication Proxy is required for importing Active Directory or OpenLDAP users into Duo via sync, Active Directory authentication for Duo Single Sign-On, and can also act as an HTTP proxy itself for other systems that also need to contact Duo's cloud service.

This course will introduce how the Authentication Proxy handles communication between applications, identity sources, and the Duo cloud service. We will also explore how to configure and troubleshoot the Authentication Proxy, as well as introduce key best practices to configure your setup for high availability and business continuity in the event of a service disruption. 

By the end of this course, you should be able to:

  • Describe how the Authentication Proxy interacts with external identity stores and communicates with the Duo cloud service
  • Create and edit the Authentication Proxy configuration file (authproxy.cfg) based on the environment
  • Enable debug logging and interpret logs for troubleshooting issues, including practical tips to diagnose:
    • Connectivity issues using the the Connectivity Tool
    • Errors in the Authentication Proxy log
    • The Authentication Proxy service failing to start
  • Configure the Authentication Proxy for high availability and business continuity for preparedness in the event of a service disruption 

Curriculum

  • Introduction
  • Installing the Authentication Proxy
  • Visualize the Authentication Flow
  • Building the Configuration File
  • Configuring the Authentication Proxy
  • Example: Single Application Config File
  • Workshop: Building authproxy.cfg for a Single Application
  • Multiple Appliances & Identity Servers
  • Example: Multi-Server Config File
  • Workshop: Building authproxy.cfg for Multiple Applications
  • Additional Tips for Building Config Files
  • Troubleshooting the Authentication Proxy
  • Authentication Proxy Service Dependencies
  • Video: Troubleshooting Duo Authentication Proxy Issues - 11:17 (Optional)
  • PDF: Troubleshooting the Duo Authentication Proxy
  • Logs & Troubleshooting Tools
  • Fixes & Additional Resources
  • High Availability & Business Continuity
  • High Availability & Business Continuity
  • Working With Multiple Authentication Proxy Servers
  • Workshop: Configuring a Second Authentication Proxy Server
  • Monitoring the Authentication Proxy & Duo Cloud Service
  • Taking the Next Step
  • Knowledge Check
  • Share feedback (Optional)
  • Course Complete