1. Home
  2. General Support
  3. DUO: Verifying an End-User By Sending them a Push Notification Through the DUO Mobile App

DUO: Verifying an End-User By Sending them a Push Notification Through the DUO Mobile App

Introduction

Duo (https://duo.com) is a popular identity verification platform. You can use it in MSP Process to acheive two goals:

  • To secure the login process of anyone looking to access your MSP Process account at https://app.mspprocess.com. This capability requires the Duo Web SDK to be configured. Click here for the KB article that outlines how to set this up.
  • During the end-user verification process; Duo can be used instead of sending the user a verification code via e-mail or SMS. This capability requires the Duo Accounts API and Admin API to be configured.

This KB article will take you through all of the steps required to do the second scenario - to use Duo to verify your end-users, including setting up 2 entities in Duo (their Accounts API and Admin API entities) and configuring the appropriate settings within MSP Process.

Step 1: Protecting the 'Accounts API' Application in Duo

What is the Accounts API? The Accounts API allows Duo MSP partners to create, update, and delete managed Duo Security customer accounts.

Steps to Take in the Duo Admin Portal:

  1. Login to the Duo Admin portal (https://admin.duosecurity.com/) - you must be an Owner-level user in Duo
  2. From the left-hand menu, navigate to Application -> Protect an Application
  3. Search for "Accounts API" in the Search field
  4. Click on the Protect button beside Accounts API
  5. In the Basic Configuration section, change Name field to say "Accounts API for MSP Process"
  6. In the Details section, copy the Integration Key, Secret Key and API Hostname; you'll need them later
  7. Click Save

Steps to Take in MSP Process:

  1. Login to the MSP Process portal (https://app.mspprocess.com)
  2. Navigate to Integrations -> Security Integrations
  3. Click the Duo Accounts API button
  4. Specify a name for the integration, and then enter the Integration Key, Secret Key and API Hostname from what you setup earlier in the Duo Admin Portal.
  5. Click Submit when you're done.

Step 2: Protecting the 'Auth API' Application in Duo

What is the DUO Auth API? Duo Auth API is a low-level, RESTful API for adding strong two-factor authentication to your website or application.

NOTE: You'll need to repeat the steps in this section for each sub-account that you want MSP Process to be able to access.

Steps to Take in the Duo Admin Portal:

  1. Login to the DUO Admin portal (https://admin.duosecurity.com/)
  2. From the left-hand menu, navigate to Application -> Protect an Application
  3. Search for "Auth API" in the Search field
  4. Click on the Protect button beside DUO Auth API
  5. In the Basic Configuration section, choose the Enable for all users option
  6. In the Details section, copy the Integration Key, Secret Key and API Hostname; you'll need them later
  7. In the Settings section, change Name field to say "Auth API for MSP Process"
  8. Click Save

Steps to Take in MSP Process:

  1. In MSP Process, navigate to Integrations -> Security Integrations
  2. Click the Add new integration button
  3. Click the Duo Auth API button
  4. Specify a name for the integration, and then enter the Integration Key, Secret Key and API Hostname from what you setup earlier in the Duo Admin Portal.
  5. Click Submit when you're done.

Congratulations! You've Done It!

You've now setup the required entities in Duo, and configured MSP Process with the information it needs to start using Duo to verify the identity of your end-users.