Script stopped working after DUO MFA enabled for Shibboleth

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Script stopped working after DUO MFA enabled for Shibboleth

Jacky
Hi,

I'm experimenting with MFA (DUO) on Shibboleth (V3.2.1).
I have a script that worked fine to get temporary AWS access/secret key. It stopped working with returned message "Response did not contain a valid SAML assertion".
Here is the link to the script: http://federationworkshopreinvent2016.s3-website-us-east-1.amazonaws.com/cli/samlapi_formauth.py
And the link how to enable DUO: https://duo.com/docs/shibboleth

My questions are:
* What caused the script stopped working? Was it DUO?
* DUO works with GUI, is it possible to work with CLI?
* Is it possible to enable DUO based on user type, say only admin role need DUO?

Thank you,

Jacky