If your organization is using multi-factor authentication, you can configure EmpowerID to enable users to use Duo as a second factor by registering your corporate Duo account in EmpowerID and adding Duo Two-Factor Authentication to any Password Manager policy or SSO application as a multi-factor authentication type.
In order to use Duo, your organization must have a Duo account. If you do not have a Duo account, you can sign up for one by visiting https://signup.duo.com/.
To integrate DUO Two-Factor Authentication
- From the Navigation Sidebar, navigate to the EmpowerID System Settings page by expanding Admin > Miscellaneous and clicking EmpowerID System Settings.
- Search for DUO. You should see settings for DUOAPIHostName, DUOIntegrationKey and DUOSecretKey in the grid.
- From the grid, click the Edit button for the DUOAPIHostName setting.
- In the dialog that appears, enter your DUO API hostname in the Value field and click Save.
- Back in the grid, click the Edit button for the DUOIntegrationKey setting.
- Enter your DUO integration key in the Value field and click Save.
- Next, click the Edit button for the DUOSecretKey setting.
- Enter your DUO secret key in the Value field and click Save.
Related Topics
Concepts:
Administrative Procedures:
- Setting the MFA Points Required by Password Manager Policies
- Assigning MFA Types to Password Manager Policies
- Setting the MFA Points Required by Applications
- Assigning Adaptive Authentication Rules to Password Manager Policies
- Assigning MFA Types to Applications
- Editing MFA Type Point Values
- Setting the MFA Points Granted by SSO Connections
- Integrating Yubico OTP
- Registering and Issuing Vasco Hardware OATH Tokens
- Customizing the MFA Retry Limit