DUO Login expired error

Josh

• November 11, 2025 01:41

I've been using DUO 2FA since it's been enabled without any issues and recently I noticed that after authenticating with DUO I get an error that my Login has expired.  I've tried disabling and re-enabling DUO.  TOTP works fine and as expected but DUO isn't working.  I'm unable to downgrade from 2025.3.0 to 2025.2.0 so will try spinning up a test server to try and replicate the error with 2025.2.0 to see if it's something that broke with the update in September.

Below is a screenshot with the error.  I've checked DUO admin logs and everything looks fine and authentications are working.  It just seems that after the authentication things are getting passed back to the server correctly.

Any thoughts or input are welcome.  I'll reply with my testing when I'm able to install 2025.2.0.

Thanks
Josh

1

• 

  Josh

  • November 11, 2025 03:20

  Well I installed 2025.1.1 and 2025.2.0 and I get the same error message so I'm not sure what's going on.  

  Since it's happening with multiple versions I suspect it may be something with how DUO is interfacing with Cerberus.

  1
• 

  Josh

  • November 11, 2025 20:43

  I've done some more troubleshooting and this appears to be a bug the implementation of DUO in Cerberus.  DUO updated their app and now enforces stricter OIDC semantics.

  I posted something in the "Report a Bug" Community forum.

  https://support.cerberusftp.com/hc/en-us/community/posts/46444811192467-Duo-Universal-Prompt-Integration-Fails-with-Login-Expired

  1
• 

  Connor Woolfolk

  Community Manager

  • November 13, 2025 14:31

  Hello Josh,

  Thanks so much for sending this in. We'll handle this tin the ticket that you submitted since there may be some back and forth required.

  0

Please sign in to leave a comment.