diff --git a/docs/docs/configuration/providers/cisco_duo.md b/docs/docs/configuration/providers/cisco_duo.md
new file mode 100644
index 00000000..a92eccdb
--- /dev/null
+++ b/docs/docs/configuration/providers/cisco_duo.md
@@ -0,0 +1,44 @@
+---
+id: cisco_duo
+title: Cisco Duo
+---
+
+Cisco Duo SSO can be configured with OAuth2 Proxy using the OIDC provider.
+
+1. Create a new **Generic OIDC Relying Party - Single Sign-On** application in the Duo Admin Portal
+2. Configure OAuth2 Proxy with the following options:
+
+```
+provider = "oidc"
+provider_display_name = "Duo SSO"
+scope = "openid email profile"
+pass_access_token = true
+code_challenge_method = "S256"
+```
+
+3. Configure Provider endpoints. Copy the following values from the corresponding fields in the Duo Admin Portal:
+
+```
+# Copy from "Client ID" field
+client_id = "XXXXXXXX"
+
+# Copy from "Client Secret" field
+client_secret = "XXXXXXXX"
+
+# Copy from "Issuer" field
+oidc_issuer_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx"
+
+# Copy from "JWKS URL" field
+oidc_jwks_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/jwks"
+
+# Copy from "Token Introspection URL" field
+validate_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/token_introspection"
+
+# Copy from "UserInfo" field
+profile_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/userinfo"
+
+# Copy from "Token URL" field
+redeem_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/token"
+```
+
+4. Complete Configuration by filling in any remaining required fields and save your configuration.
diff --git a/docs/docs/configuration/providers/index.md b/docs/docs/configuration/providers/index.md
index 3d3938ff..6f333e5a 100644
--- a/docs/docs/configuration/providers/index.md
+++ b/docs/docs/configuration/providers/index.md
@@ -11,6 +11,7 @@ Valid providers are :
 - [ADFS](adfs.md)
 - [Bitbucket](bitbucket.md)
 - [Cidaas](cidaas.md)
+- [CiscoDuo](cisco_duo.md)
 - [DigitalOcean](digitalocean.md)
 - [Facebook](facebook.md)
 - [Gitea](gitea.md)
diff --git a/docs/sidebars.js b/docs/sidebars.js
index 0a1bf0b4..7af8cf47 100644
--- a/docs/sidebars.js
+++ b/docs/sidebars.js
@@ -34,6 +34,8 @@ const sidebars = {
  "configuration/providers/adfs",
  "configuration/providers/azure",
  "configuration/providers/bitbucket",
+ "configuration/providers/cidaas",
+ "configuration/providers/cisco_duo",
  "configuration/providers/digitalocean",
  "configuration/providers/facebook",
  "configuration/providers/gitea",
diff --git a/docs/versioned_docs/version-7.13.x/configuration/providers/cisco_duo.md b/docs/versioned_docs/version-7.13.x/configuration/providers/cisco_duo.md
new file mode 100644
index 00000000..a92eccdb
--- /dev/null
+++ b/docs/versioned_docs/version-7.13.x/configuration/providers/cisco_duo.md
@@ -0,0 +1,44 @@
+---
+id: cisco_duo
+title: Cisco Duo
+---
+
+Cisco Duo SSO can be configured with OAuth2 Proxy using the OIDC provider.
+
+1. Create a new **Generic OIDC Relying Party - Single Sign-On** application in the Duo Admin Portal
+2. Configure OAuth2 Proxy with the following options:
+
+```
+provider = "oidc"
+provider_display_name = "Duo SSO"
+scope = "openid email profile"
+pass_access_token = true
+code_challenge_method = "S256"
+```
+
+3. Configure Provider endpoints. Copy the following values from the corresponding fields in the Duo Admin Portal:
+
+```
+# Copy from "Client ID" field
+client_id = "XXXXXXXX"
+
+# Copy from "Client Secret" field
+client_secret = "XXXXXXXX"
+
+# Copy from "Issuer" field
+oidc_issuer_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx"
+
+# Copy from "JWKS URL" field
+oidc_jwks_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/jwks"
+
+# Copy from "Token Introspection URL" field
+validate_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/token_introspection"
+
+# Copy from "UserInfo" field
+profile_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/userinfo"
+
+# Copy from "Token URL" field
+redeem_url = "https://sso-xxxxxxxx.sso.duosecurity.com/oidc/xxxxxxxx/token"
+```
+
+4. Complete Configuration by filling in any remaining required fields and save your configuration.
diff --git a/docs/versioned_docs/version-7.13.x/configuration/providers/index.md b/docs/versioned_docs/version-7.13.x/configuration/providers/index.md
index 3d3938ff..6f333e5a 100644
--- a/docs/versioned_docs/version-7.13.x/configuration/providers/index.md
+++ b/docs/versioned_docs/version-7.13.x/configuration/providers/index.md
@@ -11,6 +11,7 @@ Valid providers are :
 - [ADFS](adfs.md)
 - [Bitbucket](bitbucket.md)
 - [Cidaas](cidaas.md)
+- [CiscoDuo](cisco_duo.md)
 - [DigitalOcean](digitalocean.md)
 - [Facebook](facebook.md)
 - [Gitea](gitea.md)
diff --git a/docs/versioned_sidebars/version-7.13.x-sidebars.json b/docs/versioned_sidebars/version-7.13.x-sidebars.json
index 3f5eb854..debf4491 100644
--- a/docs/versioned_sidebars/version-7.13.x-sidebars.json
+++ b/docs/versioned_sidebars/version-7.13.x-sidebars.json
@@ -34,6 +34,8 @@
  "configuration/providers/adfs",
  "configuration/providers/azure",
  "configuration/providers/bitbucket",
+ "configuration/providers/cidaas",
+ "configuration/providers/cisco_duo",
  "configuration/providers/digitalocean",
  "configuration/providers/facebook",
  "configuration/providers/gitea",