duo

Create Duo MFA method

This endpoint creates a new MFA method of type Duo.

Parameters

• method_name (string) - The unique name identifier for this MFA method. Supported from Vault 1.13.0.

• username_format (string) - A template string for mapping Identity names to MFA methods. Values to substitute should be placed in {{}}. For example, "{{identity.entity.name}}". If blank, the Entity's Name field is used as-is.

• secret_key (string: <required>) - Secret key for Duo.

• integration_key (string: <required>) - Integration key for Duo.

• api_hostname (string: <required>) - API hostname for Duo.

• push_info (string) - Push information for Duo.

• use_passcode (bool: false) - If true, the user is reminded to use the passcode upon MFA validation.

Sample payload

{
  "username_format": "{{identity.entity.aliases.auth_userpass_1793464a.name}}",
  "secret_key": "BIACEUEAXI20BNWTEYXT",
  "integration_key": "8C7THtrIigh2rPZQMbguugt8IUftWhMRCOBzbuyz",
  "api_hostname": "api-2b5c39f5.duosecurity.com",
  "method_name": "ns1_duo"
}

Sample request

Sample response

Update Duo MFA method

This endpoint updates the configuration of an MFA method of type Duo.

Parameters

• method_id (string: <required>) - UUID of the MFA method.

• and all of the parameters documented under the preceding "Create" endpoint.

Sample payload

Identical to the preceding "Create" endpoint.

Sample request

Read Duo MFA method

This endpoint queries the MFA configuration of Duo type for a given method ID.

Parameters

• id (string: <required>) – UUID of the MFA method.

Sample request

Sample response

Delete Duo MFA method

This endpoint deletes a Duo MFA method. MFA methods can only be deleted if they're not currently in use by a login enforcement.

Parameters

• method_id (string: <required>) - UUID of the MFA method.

Sample request

List Duo MFA methods

This endpoint lists Duo MFA methods that are visible in the current namespace or in parent namespaces.

Sample request

Sample response