Creating a DUO real-time webhook

Edit online

You can use a webhook to send and receive data from a predefined third party for a specific workflow.

About this task

The webhook can be used for external multi-factor authentication (MFA) only.

Procedure

  1. Navigate to Integrations > Real-time webhooks.
    The page displays any webhooks that exist. The table displays the name, purpose, configuration status, connection, last success, and last failure information.
  2. Click Create webhook.
    The purpose for the webhook is prefilled as External MFA. You cannot change it.
  3. Select the provider for MFA.
    Select the preconfigured provider, DUO.
  4. Provide a credential prefix.
    A 1-6 character alphanumeric prefix without any common symbols that is added to each factor capability at run time and is referenced by access policy evaluations. This value must be unique across all configured MFA providers within your IBM® Verify tenant. Within Verify, an external MFA factor is identified as "{credentialPrefix}:{capability}". The credential prefix value must not contain a colon (:).
  5. Click Next.
  6. Provide a name for the webhook.
    You can also specify an owner and email contact information.
  7. Provide the URL to the API hostname for your DUO account.
  8. Provide your header credentials.
    These values are provided with your DUO account.
  9. Optional: Test your connection and payload.
    You can test you connection later after you create the webhook.
  10. Click Create.
    Your webhook is displayed.
  11. On the Configuration tab, you can take the following actions.
    1. Enable or disable the provider.
    2. View the version of the API that you want to use.
      The field is read only.
    3. Change the unique identifier attribute that is sent to the external provider.
    4. Specify the authentication methods.
      These methods are preset by Duo Security and cannot be modified.
    5. Edit the Resource transforms.
  12. On the Connection details tab, you can take the following actions.
    1. Change the name of the webhook.
    2. Change the owner contact information.
    3. Change your API hostname URL.
  13. From the side navigation, you can take the following actions.
    1. Test your webhook connection and payload.
    2. View the details of the webhook.