Versions Compared

Old Version 2

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 3

changes.mady.by.user Kim Landis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.



Div
classbreadcrumbs

Home  /  Single Sign-On and MFA  /  Multifactor Multi-Factor Authentication  /  Current: Integrating DUO Two-Factor Authentication

If your organization is using multi-factor authentication, you can configure EmpowerID to enable users to use Duo as a second factor by registering your corporate Duo account in EmpowerID and adding Duo Two-Factor Authentication to any Password Manager policy or SSO application as a multi-factor authentication type.


Info
titlePrerequisites

In order to use Duo, your organization must have a Duo account. If you do not have a Duo account, you can sign up for one by visiting https://signup.duo.com/.

To integrate DUO Two-Factor Authentication

  1. From In the Navigation Sidebar, navigate to the EmpowerID System Settings page by expanding Admin > Miscellaneous and clicking expand Admin, then Miscellaneous, and click EmpowerID System Settings.
  2. Search for DUO. You should see settings Settings for DUOAPIHostName, DUOIntegrationKey and DUOSecretKey appear in the grid.

    Image Added

  3. From Above the grid, click the Edit button for the DUOAPIHostName setting.

    Image Added

  4. In the dialog that appears, enter your DUO API hostname in the Value field and click Save.

    Image Added

  5. Back in the grid, click the Edit button for the DUOIntegrationKey setting.
  6. Enter your DUO integration key in the Value field and click Save.
  7. Next, click the Edit button for the DUOSecretKey setting.
  8. Enter your DUO secret key in the Value field and click Save.
Related Topics

Concepts:

Administrative Procedures:

  • Setting the MFA Points Required by Password Manager Policies
    1. Each DUO setting is now populated with the corresponding values for your DUO account.

      Image Added


    Now that you have registered your DUO account in EmpowerID, the next step to using it for MFA in EmpowerID is to add it as an MFA type to one or more Password Manager policies and SSO applications. For directions on how to do so, see Assigning MFA Types to Password Manager Policies
  • Setting the MFA Points Required by Applications
  • Assigning Adaptive Authentication Rules to Password Manager Policies
    • Assigning  and Assigning MFA Types to Applications.
  • Editing MFA Type Point Values
  • Setting the MFA Points Granted by SSO Connections
  • Integrating Yubico OTP
  • Registering and Issuing Vasco Hardware OATH Tokens
  • Customizing the MFA Retry Limit


    • Anchoruser-tasksuser-tasks

    User Tasks

  • Using Duo Two-Factor Authentication
  • Using Yubikey OTP
  • Using OATH Tokens
  • Using FIDO Universal 2nd Factor
  • Using EmpowerID One-Time Password
    • Using Device Registration
    Info
    iconfalse
    titleRelated Content