Duo Security

38 min

the duo security connector enables secure access management by integrating two factor authentication services with the swimlane turbine platform duo security provides a robust suite of security features aimed at protecting user identities and ensuring secure access across your organization with the duo security turbine connector, you can seamlessly integrate advanced identity verification and access management into your security workflows enhance your security posture by managing user associations, updating administrator attributes, and retrieving critical security data such as bypass codes and user details directly within swimlane turbine this integration empowers soc teams to automate identity management tasks, enforce security policies, and respond to incidents with greater speed and efficiency prerequisites to effectively utilize the duo security connector for turbine, ensure you have the following prerequisites duo security hmac authentication with the following parameters url the api endpoint url for duo security services username your duo security account username secret key a unique key provided by duo security for hmac authentication capabilities this connector provides the following capabilities associate phone device with user modify administrator retrieve administrators retrieve bypass codes retrieve phones by user id retrieve phones retrieve user by user id retrieve users update user asset setup setting up the duo security connector requires configuring hmac authentication here are the necessary details url a url to the target host username use your duo application's integration key as the http username secret key this key is required for hmac authentication verify ssl certificates choose if you want to verify ssl certificates when connecting http(s) proxy if you route requests through a proxy, specify it here ensure that you've filled in the mandatory fields url , username , and secret key configurations duo hmac authenticates using duo's hmac configuration parameters parameter description type required url a url to the target host string required username use your duo application's integration key as the http username string required secret key secret key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions associate phone with user associates a specified phone with a user in duo security using user id and phone id 'grant write resource' api permission is required input argument name type required description user id string required unique identifier phone id string required unique identifier output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful example \[ { "status code" 200, "reason" "ok", "json body" { "success" true } } ] modify administrator update attributes of a specified administrator in duo security using the admin's unique identifier input argument name type required description admin id string required unique identifier name string optional name of the resource phone string optional parameter for modify administrator password string optional parameter for modify administrator password change required boolean optional parameter for modify administrator status string optional status value output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful example \[ { "status code" 200, "reason" "ok", "json body" { "success" true } } ] retrieve administrators retrieve a comprehensive list of administrators from duo security input argument name type required description limit number optional parameter for retrieve administrators offset number optional parameter for retrieve administrators output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" \[ {}, {} ] } ] retrieve bypass codes retrieve a list of bypass codes from duo security to facilitate secure, temporary access without standard authentication input argument name type required description limit number optional parameter for retrieve bypass codes offset number optional parameter for retrieve bypass codes output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" \[ {} ] } ] retrieve phones retrieve a paginated list of phones from duo security, including details like phone number and device type input argument name type required description limit number optional parameter for retrieve phones offset number optional parameter for retrieve phones output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" \[ {}, {} ] } ] retrieve phones by user id retrieve a list of phones linked to a specific user id in duo security, presented in a paginated format input argument name type required description user id string required unique identifier output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" {} } ] retrieve user by user id retrieve details for a specific user in duo security using the provided user id input argument name type required description user id string required unique identifier output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" {} } ] retrieve users generates a paged list of users from duo security, providing an overview of registered individuals input argument name type required description limit number optional parameter for retrieve users offset number optional parameter for retrieve users output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "reason" "ok", "json body" \[ {}, {} ] } ] update user modify a user's details such as username, real name, status, or notes in duo security using the provided user id input argument name type required description user id string required unique identifier username string optional name of the resource realname string optional name of the resource status string optional status value notes string optional parameter for update user email string optional parameter for update user firstname string optional name of the resource lastname string optional name of the resource alias1 string optional parameter for update user alias2 string optional parameter for update user alias3 string optional parameter for update user alias4 string optional parameter for update user aliases string optional parameter for update user output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful example \[ { "status code" 200, "reason" "ok", "json body" { "success" true } } ] notes always ensure you have the necessary permissions in duo before trying to modify or fetch data for more in depth information and potential use cases, refer to the duo security admin api documentation https //duo com/docs/adminapi duo client api docs https //github com/duosecurity/duo client python