InsightConnect Marketplace

Duo Auth API

Back to Marketplace

Duo Auth API

v1.0.3

Duo's Trusted Access platform verifies the identity of your users with two-factor authentication and security health of their devices before they connect to the apps they use. The Duo Auth plugin for Rapid7 InsightConnect enables users to create and send two-factor authentication push notifications

Tags: duo, auth


Actions
  • Auth

Description

Duo's Trusted Access platform verifies the identity of your users with two-factor authentication and security health of their devices before they connect to the apps they use. The Duo Auth InsightConnect plugin enables users to create and send push notifications from within automation workflows.

Key Features

  • Send push notifications for two-factor authentication

Requirements

  • Requires a Duo integration key
  • Requires a Duo secret key
  • Requires a Duo hostname

Documentation

Setup

Name Type Default Required Description Enum
hostname string None True Enter the Duo API hostname and secret key None
integration_key credential_secret_key None True API integration key None
secret_key credential_secret_key None True API secret key None

Technical Details

Actions

Auth

This action is used to perform second-factor authentication.

Options

The "Options" field is used to specify additional parameters that may be necessary depending on the authentication factor selected. "Options" accepts the following parameters in JSON format username, passcode, pushinfo, type.

Example input:

{
    "type": "Transfer",
    "pushinfo": {
        "hello": "world",
        "host": "suspicious-host"
    }
}
Push
Parameter Required? Description
device Required ID of the device. This device must have the "push" capability. You may also specify "auto" to use the first of the user's devices with the "push" capability.
type Optional This string is displayed in the Duo Mobile app before the word "request". The default is "Login", so the phrase "Login request" appears in the push notification text and on the request details screen. You may want to specify "Transaction", "Transfer", etc.
display_username Optional String to display in Duo Mobile in place of the user's Duo username.
pushinfo Optional A set of URL-encoded key/value pairs with additional contextual information associated with this authentication attempt. The Duo Mobile app will display this information to the user. For example: from=login%20portal&domain=example.com. The URL-encoded string's total length must be less than 20,000 bytes.
Passcode
Parameter Required? Description
passcode true Passcode entered by the user.
Phone
Parameter Required? Description
device true ID of the device to call. This device must have the "phone" capability. You may also specify "auto" to use the first of the user's devices with the "phone" capability.
SMS
Parameter Required? Description
device true ID of the device to send passcodes to. This device must have the "sms" capability. You may also specify "auto" to use the first of the user's devices with the "sms" capability.
Input
Name Type Default Required Description Enum
username string None False Username is required if user_id is not provided None
user_id string None False User ID None
factor string auto False Factor to use for authentication ['auto', 'push', 'passcode', 'sms', 'phone']
device string auto False Device ID to use for auth None
async bool None False Set to true for an async response None
ipaddr string None False The IP address of the user to be authenticated, in dotted quad format. This will cause an 'allow' response to be sent if appropriate for requests from a trusted network None
options object None False Additional options required by the API None
Output
Name Type Required Description
status string False Status
status_msg string False Status message
trusted_device_token string False Trusted device token
result string False Either allow or deny
txid string False TX ID

Example output:


{
  "log": "Connect: Connecting..\n",
  "status": "ok",
  "meta": {},
  "output": {
    "result": "allow",
    "status": "allow",
    "status_msg": "Success. Logging you in..."
  }

Triggers

This plugin does not contain any triggers.

Custom Output Types

This plugin does not contain any custom output types.

Troubleshooting

This plugin does not contain any troubleshooting information.

Version History

  • 1.0.3 - Upgraded duo_client in requirements.txt to version 4.0.0 | Upgraded duo_client in vendor folder to version 4.0.0 | Use input and output constants | Change docker image from komand/python-3-plugin:2 to komand/python-3-37-slim-plugin:3 to reduce plugin image size
  • 1.0.2 - New spec and help.md format for the Hub
  • 1.0.1 - Support type parameter as push_type in the options input of the Auth action
  • 1.0.0 - Update to v2 Python plugin architecture | Support web server mode | Update to new credential types | Add example output
  • 0.1.1 - SSL bug fix in SDK
  • 0.1.0 - Initial plugin

Links

References

plugin_spec_version: v2
extension: plugin
products: [insightconnect]
name: duo_auth
title: Duo Auth API
vendor: rapid7
support: rapid7
status: []
description: Duo's Trusted Access platform verifies the identity of your users with two-factor authentication and security health of their devices before they connect to the apps they use. The Duo Auth plugin for Rapid7 InsightConnect enables users to create and send two-factor authentication push notifications
version: 1.0.3
resources:
  source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/duo_auth
  license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE
  vendor_url: https://duo.com
tags:
- duo
- auth
hub_tags:
  use_cases: [devops]
  keywords: [duo, auth]
  features: []
connection:
  integration_key:
    type: credential_secret_key
    description: API integration key
    required: true
  secret_key:
    type: credential_secret_key
    description: API secret key
    required: true
  hostname:
    title: API Hostname
    description: Enter the Duo API hostname and secret key
    type: string
    required: true
actions:
  auth:
    title: Auth
    description: Perform second-factor authentication
    input:
      user_id:
        type: string
        description: User ID
        required: false
      username:
        type: string
        description: Username is required if user_id is not provided
        required: false
      factor:
        type: string
        description: Factor to use for authentication
        default: auto
        enum:
        - auto
        - push
        - passcode
        - sms
        - phone
        required: false
      ipaddr:
        type: string
        description: The IP address of the user to be authenticated, in dotted quad
          format. This will cause an 'allow' response to be sent if appropriate for
          requests from a trusted network
        required: false
      async:
        type: bool
        description: Set to true for an async response
        required: false
      device:
        type: string
        description: Device ID to use for auth
        default: auto
        required: false
      options:
        type: object
        description: Additional options required by the API
        required: false
    output:
      result:
        type: string
        description: Either allow or deny
        required: false
      status:
        type: string
        description: Status
        required: false
      status_msg:
        type: string
        description: Status message
        required: false
      trusted_device_token:
        description: Trusted device token
        type: string
        required: false
      txid:
        description: TX ID
        type: string
        required: false
Other plugins
Cymon
Rapid7   |   v2.0.1
Plugin
Get
Check Point NGFW
Rapid7   |   v1.3.0
Plugin
Get
VirusTotal
Rapid7   |   v6.0.2
Plugin
Get
WHOIS
Rapid7   |   v2.0.0
Plugin
Get
Trend Micro Deep Security
Rapid7   |   v2.0.0
Plugin
Get