1. Home
  2. General Support
  3. DUO: Verifying an End-User By Sending them a Push Notification Through the DUO Mobile App

DUO: Verifying an End-User By Sending them a Push Notification Through the DUO Mobile App

Introduction

DUO (https://duo.com) is a popular identity verification platform. You can use it in MSP Process to acheive two goals:

  • To secure the login process of anyone looking to access your MSP Process account at https://app.mspprocess.com. This capability requires the DUO Web SDK to be configured. Click here for the KB article that outlines how to set this up.
  • During the end-user verification process; DUO can be used instead of sending the user a verification code via e-mail or SMS. This capability requires the DUO Auth API and Admin API to be configured.

This KB article will take you through all of the steps required to do the second scenario - to use DUO to verify your end-users, including setting up 2 entities in DUO (their Auth API and Admin API entities) and configuring the appropriate settings within MSP Process.

Step 1: Protecting the 'Accounts API' Application in DUO

What is the Accounts API? The Accounts API allows Duo MSP partners to create, update, and delete managed Duo Security customer accounts.

  1. Login to the DUO Admin portal (https://admin.duosecurity.com/)
  2. From the left-hand menu, navigate to Application -> Protect an Application
  3. Search for "Accounts API" in the Search field
  4. Click on the Protect button beside Accounts API
  5. In the Details section, copy the Integration Key, Secret Key and API Hostname; you'll need them later
  6. In the Settings section, change Name field to say "Accounts API for MSP Process"
  7. Click Save

Step 2: Protecting the 'Auth API' Application in DUO

What is the DUO Auth API? Duo Auth API is a low-level, RESTful API for adding strong two-factor authentication to your website or application.

NOTE: You'll need to repeat the steps in this section for each sub-account that you want MSP Process to be able to access.

  1. Login to the DUO Admin portal (https://admin.duosecurity.com/)
  2. From the left-hand menu, navigate to Application -> Protect an Application
  3. Search for "Auth API" in the Search field
  4. Click on the Protect button beside DUO Auth API
  5. In the Details section, copy the Integration Key, Secret Key and API Hostname; you'll need them later
  6. In the Settings section, change Name field to say "Auth API for MSP Process"
  7. Click Save

Step 3: Configuring MSP Process to Use DUO

  1. Login to the MSP Process portal (https://app.mspprocess.com)
  2. Navigate to Integrations -> Security Integrations
  3. Click the Add new integration button
  4. Click the DUO Accounts API button; specify a name, and then enter the Integration Key, Secret Key and API Hostname from Step #1. Click Submit when you're done.

     4. Repeat steps 3 and 4 for the DUO Auth API - you'll need to create one instance for each sub-account in DUO that you want MSP Process to be able to access. 

 

Congratulations! You're Done!

You've now setup the required entities in DUO, and configured MSP Process with the information it needs to start using DUO to verify the identity of your end-users.