If your organization is using multi-factor authentication, you can configure EmpowerID to enable users to use Duo as a second factor by registering your corporate Duo account in EmpowerID and adding Duo Two-Factor Authentication to any Password Manager policy or SSO application as a multi-factor authentication type.
...
Integrate DUO Two-Factor Authentication
- On the navbar, expand Admin, then Miscellaneous, and click EmpowerID System Settings.
- Search for DUO. Settings for DUOAPIHostName, DUOIntegrationKey and DUOSecretKey appear in the grid.
- Above the grid, click the Edit button for the DUOAPIHostName setting.
In the dialog that appears, enter your DUO API hostname in the Value field and click Save. - Back in the grid, click the Edit button for the DUOIntegrationKey setting.
- Enter your DUO integration key in the Value field and click Save.
- Next, click the Edit button for the DUOSecretKey setting.
- Enter your DUO secret key in the Value field and click Save.
Each DUO setting is now populated with the corresponding values for your DUO account.
Now that you have registered your DUO account in EmpowerID, the next step to using it for MFA in EmpowerID is to add it as an MFA type to one or more Password Manager policies and SSO applications. For directions on how to do so, see Assign MFA Types to Password Manager Policies and Assign MFA Types to Applications.