Good morning all:
I am new to Azure and to DUO as well. I have configured Conditional Access in Azure AD to use DUO MFA according to this video:
https://www.youtube.com/watch?v=eIP__C1NXho
Everything is working fine so far. The only thing is that I need to explain to the customer what I did, and the communication between Azure and Duo seems almost transparent to me. In the Conditional Access configuration there is a JSON file that uses OpenID Connect, but I don't understand what information is exchanged between Azure and DUO.
This is the JSON I see in Azure:
{
  "Name": "Duo Security",
  "xxxxxxxxxxxxxxx",
  "ClientId": "yyyyyyyyyyyyyyyyyyyyyyy",
  "DiscoveryUrl": "https://eu-west.azureauth.duosecurity.com/.well-known/openid-configuration",
  "Controls": [
    {
      "Id": "RequireDuoMfa",
      "Name": "RequireDuoMfa",
      "ClaimsRequested": [
        {
          "Type": "DuoMfa",
          "Value": "MfaDone",
          "Values": null
        }
      ],
      "Claims": null
    }
  ]
}
Can someone point out some information regarding this? I would like to understand more about those claims, what data is passed to DUO, what Azure gets if the MFA succeeds, etc.
Thanks