Duo Security

the duo security connector enables secure access management by integrating two factor authentication services with the swimlane turbine platform duo security provides a robust suite of security features aimed at protecting user identities and ensuring secure access across your organization with the duo security turbine connector, you can seamlessly integrate advanced identity verification and access management into your security workflows enhance your security posture by managing user associations, updating administrator attributes, and retrieving critical security data such as bypass codes and user details directly within swimlane turbine this integration empowers soc teams to automate identity management tasks, enforce security policies, and respond to incidents with greater speed and efficiency prerequisites to effectively utilize the duo security connector for turbine, ensure you have the following prerequisites duo security hmac authentication with the following parameters url the api endpoint url for duo security services username your duo security account username secret key a unique key provided by duo security for hmac authentication capabilities this connector provides the following capabilities associate phone device with user modify administrator retrieve administrators retrieve bypass codes retrieve phones by user id retrieve phones retrieve user by user id retrieve users update user asset setup setting up the duo security connector requires configuring hmac authentication here are the necessary details url a url to the target host username use your duo application's integration key as the http username secret key this key is required for hmac authentication verify ssl certificates choose if you want to verify ssl certificates when connecting http(s) proxy if you route requests through a proxy, specify it here ensure that you've filled in the mandatory fields url , username , and secret key notes always ensure you have the necessary permissions in duo before trying to modify or fetch data for more in depth information and potential use cases, refer to the https //duo com/docs/adminapi https //github com/duosecurity/duo client python configurations duo hmac authenticates using duo's hmac configuration parameters parameter description type required url a url to the target host string required username use your duo application's integration key as the http username string required secret key secret key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions associate phone with user associates a specified phone with a user in duo security using user id and phone id 'grant write resource' api permission is required input argument name type required description user id string required unique identifier phone id string required unique identifier input example {"user id" "af456y","phone id" "12573883"} output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful output example {"status code" 200,"reason" "ok","json body" {"success"\ true}} modify administrator update attributes of a specified administrator in duo security using the admin's unique identifier input argument name type required description admin id string required unique identifier name string optional name of the resource phone string optional parameter for modify administrator password string optional parameter for modify administrator password change required boolean optional parameter for modify administrator status string optional status value input example {"admin id" "1241234567890","name" "jones","phone" "+1234567890","password" "lorempass","password change required"\ true,"status" "active"} output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful output example {"status code" 200,"reason" "ok","json body" {"success"\ true}} retrieve administrators retrieve a comprehensive list of administrators from duo security input argument name type required description limit number optional parameter for retrieve administrators offset number optional parameter for retrieve administrators input example {"limit" 100,"offset" 0} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" \[{"alias1" "adam admin\@gds pri","alias2"\ null,"alias3"\ null,"alias4"\ null,"aliases" {},"created" 1650553488,"desktoptokens" \[],"email" "","enable auto prompt"\ true,"external id" "n4hm9fejmugweqjqoylwla==","firstname" "","groups" \[],"is enrolled"\ false,"last directory sync" 1718625924,"last login"\ null},{"alias1" "adfs\@gds pri","alias2"\ null,"alias3"\ null,"alias4"\ null,"aliases" {},"created" 1578667011,"desktoptokens" \[],"email" "","enable auto prompt" retrieve bypass codes retrieve a list of bypass codes from duo security to facilitate secure, temporary access without standard authentication input argument name type required description limit number optional parameter for retrieve bypass codes offset number optional parameter for retrieve bypass codes input example {"limit" 100,"offset" 0} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" \[{"admin email" "jont+gds\@getgds com","bypass code id" "dbfqmktw4wsilq4z76nh","created" 1642379903,"expiration"\ null,"reuse count"\ null,"user" {}}]} retrieve phones retrieve a paginated list of phones from duo security, including details like phone number and device type input argument name type required description limit number optional parameter for retrieve phones offset number optional parameter for retrieve phones input example {"limit" 100,"offset" 0} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" \[{"activated"\ true,"capabilities" \[],"extension" "","last seen" "2024 06 15t11 36 45","model" "samsung sm n960u","name" "","number" "+13373718943","phone id" "dpa5j8lv75ecqr4f38v2","platform" "google android","postdelay" "","predelay" "","sms passcodes sent"\ true,"type" "mobile","users" \[]},{"activated"\ true,"capabilities" \[],"extension" "","last seen" "2024 06 17t10 02 10","model" "google pixel 8","name" "","number" "+13375523259","phone id" "dpibyos retrieve phones by user id retrieve a list of phones linked to a specific user id in duo security, presented in a paginated format input argument name type required description user id string required unique identifier input example {"user id" "af345d"} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" {}} retrieve user by user id retrieve details for a specific user in duo security using the provided user id input argument name type required description user id string required unique identifier input example {"user id" "af345d"} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" {}} retrieve users generates a paged list of users from duo security, providing an overview of registered individuals input argument name type required description limit number optional parameter for retrieve users offset number optional parameter for retrieve users input example {"limit" 100,"offset" 0} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"reason" "ok","json body" \[{"alias1" "adam admin\@gds pri","alias2"\ null,"alias3"\ null,"alias4"\ null,"aliases" {},"created" 1650553488,"desktoptokens" \[],"email" "","enable auto prompt"\ true,"external id" "n4hm9fejmugweqjqoylwla==","firstname" "","groups" \[],"is enrolled"\ false,"last directory sync" 1718625924,"last login"\ null},{"alias1" "adfs\@gds pri","alias2"\ null,"alias3"\ null,"alias4"\ null,"aliases" {},"created" 1578667011,"desktoptokens" \[],"email" "","enable auto prompt" update user modify a user's details such as username, real name, status, or notes in duo security using the provided user id input argument name type required description user id string required unique identifier username string optional name of the resource realname string optional name of the resource status string optional status value notes string optional parameter for update user email string optional parameter for update user firstname string optional name of the resource lastname string optional name of the resource alias1 string optional parameter for update user alias2 string optional parameter for update user alias3 string optional parameter for update user alias4 string optional parameter for update user aliases string optional parameter for update user input example {"user id" "afa345f","username" "jones","realname" "jones","status" "active","notes" "notes","email" "jjones\@test com","firstname" "john","lastname" "doe","alias1" "alias1","alias2" "alias2","alias3" "alias3","alias4" "alias4","aliases" "aliases"} output parameter type description status code number http status code of the response reason string response reason phrase success boolean whether the operation was successful output example {"status code" 200,"reason" "ok","json body" {"success"\ true}} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt