Configuring the DUO external MFA provider

Edit online

Configure DUO as an external multi-factor authentication provider.

Before you begin

Ensure that you obtained the access token from your API client.

Procedure

Create the DUO external MFA provider by using the following CURL example.

In the example, substitute the following values.

{{tenant}}: Your Verify tenant name.
{{access token}}: The access token obtained from client credentials grant.
{{webhook id}}: The id of the DUO real-time webhook.
{{attribute name}}: The name of the Verify attribute that defines a mapping from a Verify user account attribute to your DUO usernames. The attribute can be one of the standard predefined attributes or a custom attribute, including those attributes that are supported by an advanced rule.

DUO external MFA provider example

curl --location --request POST 'https://{{tenant}}/config/v1.0/mfaproviders' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{access token}}' \
--data-raw '{
    "name": "DUO Security",
    "description": "ISV - DUO integration",
    "enabled": true,
    "type": "duo",
    "credentialPrefix": "duo",
    "webhookId": "{{webhook id}}",
    "uniqueNameAttribute": "{{attribute name}}",
    "capabilities": [
        "smsotp",
        "push",
        "hotp"
    ],
    "capabilityCacheTtl": 0
}'