Div | ||
---|---|---|
| ||
Home / Single Sign-On and MFA / Multifactor Multi-Factor Authentication / Current: Integrating DUO Two-Factor Authentication |
If your organization is using multi-factor authentication, you can configure EmpowerID to enable users to use Duo as a second factor by registering your corporate Duo account in EmpowerID and adding Duo Two-Factor Authentication to any Password Manager policy or SSO application as a multi-factor authentication type.
Info | ||
---|---|---|
| ||
In order to use Duo, your organization must have a Duo account. If you do not have a Duo account, you can sign up for one by visiting https://signup.duo.com/. |
To integrate DUO Two-Factor Authentication
- From In the Navigation Sidebar, navigate to the EmpowerID System Settings page by expanding Admin > Miscellaneous and clicking expand Admin, then Miscellaneous, and click EmpowerID System Settings.
- Search for DUO. You should see settings Settings for DUOAPIHostName, DUOIntegrationKey and DUOSecretKey appear in the grid.
- From Above the grid, click the Edit button for the DUOAPIHostName setting.
- In the dialog that appears, enter your DUO API hostname in the Value field and click Save.
- Back in the grid, click the Edit button for the DUOIntegrationKey setting.
- Enter your DUO integration key in the Value field and click Save.
- Next, click the Edit button for the DUOSecretKey setting.
- Enter your DUO secret key in the Value field and click Save.
Concepts:
Administrative Procedures:
- Each DUO setting is now populated with the corresponding values for your DUO account.
Now that you have registered your DUO account in EmpowerID, the next step to using it for MFA in EmpowerID is to add it as an MFA type to one or more Password Manager policies and SSO applications. For directions on how to do so, see Assigning MFA Types to Password Manager PoliciesSetting the MFA Points Required by Applications Assigning Adaptive Authentication Rules to Password Manager Policies Assigning and Assigning MFA Types to Applications.Editing MFA Type Point Values Setting the MFA Points Granted by SSO Connections Integrating Yubico OTP Registering and Issuing Vasco Hardware OATH Tokens Customizing the MFA Retry Limit
User Tasks
Info | ||||
---|---|---|---|---|
| ||||