A Quick and Easy Guide

Configuring Duo Enterprise MFA

Aditum MFA Graphic

Configuring Duo is simple and quick, Assuming you already have your account setup with Duo. However before beginning the steps below you do need to either setup new user accounts in Duo to match your portal user logins, or add your BuildingISP portal login name as an Alias to your existing user account. Said another way, you are going to need to be able to MFA to the Duo account you are connecting to using the same username that you log into the portal with, in order to complete the steps below.

If you have any additional questions or need further assistance, please reach out to your Aditum Support team for help.
  1. Login to the Admin Panel and click on Protect an Application inside the Applications tab.
  2. Search for application “Web SDK” and click Protect
  3. You should see a Client ID, Client Secret and a API Hostname field displayed, these will be entered in step 7 below.
    1. You must use the new Universal Prompt option, Traditional Prompt is not supported.
    2. The Display name of the application can be changed towards the bottom of the screen, it will default to Web SDK but you should change it to something more descriptive like BuildingISP.
  4. Log into the Building ISP portal using the appropriate credentials necessary for configuring the account. The required access level is explained below
    1. Partner MFA requires Partner Admin credentials to setup or modify
    2. Client MFA requires Property Admin credentials to setup or modify
  5. Navigate to the Security Tab on either the Partner Admin or the Client Settings page
  6. Change Multi Factor Mode from Email to Duo
  7. Enter the Client ID, Client Secret and API Hostname from Step 3 and click Save MFA Settings.
    1. This will generate a popup MFA prompt which some browsers may block, you need to allow the popup to proceed.
    2. Successfully authenticate through the MFA prompt within 30 seconds and your settings will be automatically saved.
    3. If you cannot authenticate, no settings will be saved, The most common cause of failure is not having the username you are signed into the Building ISP portal with being setup as an account or alias of an account within Duo.
    4. This may be an issue if the partner is trying to authenticate the account settings for a Client that uses their own Duo account, to accomplish this the client must setup Duo within the portal themselves, or add the partner user account to their Duo account.
  8. All new sign in processes will use Duo going forward, and re-MFA against Duo when logging on if more than 6 hours have passed since the last MFA occurred.
    1. It is important to note that the 30 day grace periods of prior remembered MFA authentications from users that have performed Email MFA will still be honored for the remainder of that 30 days, or until the users password is reset, or the user clicks Log Off from inside the portal.
    2. Clicking Log Off will trigger the portal to always forget the MFA status of that computer and erases the 6 hour reactivation window.

Call us today to get started

Contact one of our Multi-Tenant Internet Provider Resellers to get Connected

Request a sales call

Empowering Connectivity Nationwide: Experience Seamless Internet Solutions with Aditum Connect.

Twitter Linkedin Youtube Envelope

Quick Links

Useful Links

Newsletter Signup

    Copyright © 2023 Aditum Connect Inc.