There are only two required components: 1) a SAML service provider (SP) - in this case, the Meraki Dashboard 2) a SAML identity provider (IdP) ADFS and the Duo DAG can both serve as SAML IdPs. Provided you follow the AD group info I listed earlier, using the Duo DAG is pretty simple. The flow is simple: the DAG sends you a push (via the Duo cloud), and then redirects you to the Dashboard after authentication. If, however, you already have ADFS deployed, it might make more sense to use ADFS as the SAML IdP. In that case, you would follow the guide to use ADFS as the SAML IdP with Meraki. If you then want to tie in Duo, you'd have to follow the ADFS guide here as well. The flow here is similar but not quite the same: ADFS would authenticate you via whatever policy you configure, then use the Duo cloud to send you a push, and then redirect you to the Dashboard. In my mind, using only the DAG is simpler, but it's not as feature-rich of an IdP as ADFS or F5's APM.
... View more