The Duo Auth API is a low-level, RESTful API for adding strong two-factor authentication to your website or application.
Prerequisites
- Admin Login credentials for the DUO Auth.
- Username, Secret key, API host.
Configuration
Generate the API Credentials on the DUO Auth
First, you’ll need to add the Duo Admin API to your Duo instance.
- Log into the admin portal located at https://admin.duosecurity.com
- Click Applications -> Protect an Application
- Select the DUO Admin API
4. Select the highlighted check boxes for permissions.
5. Copy the keys – Once the “Duo Admin API” application is created, you’ll need to copy the hostname and key values to use in the Duo Log Sync configuration.
5. Save the Integration Key (ikey), Secret key (skey) and API hostname (hostname) values here to populate the configuration script and proceed further.
Configure a feed in Chronicle
- Open Settings in Chronicle and browser to Feeds
- In Feeds, click Add New
3. Select Third party API source type and then select DUO Auth as log source as shown in below image
4. Click Next after which you have to enter the following parameters:
USERNAME : Need to provide the username as “Admin API” which is mentioned in the DUO Auth.
SECRET: Need to provide the Secret Key which you get from the Admin API Details
API HOSTNAME: Need to provide the API host name which you get from the Admin API Details.
5. Click Next and Finalize
Comments
0 comments
Please sign in to leave a comment.