Multi-Factor Authentication
      Back to home
      1. Knowledge Base
      2. Integrations
      3. Multi-Factor Authentication

      DUO

      How to connect DUO to Cork

      Generating API Key

      1. Log into the Duo portal with an account that has the Owner Role
      2. On the left nav bar navigate to Applications > Protect an Application > and then click the Protect an Application button
      3. On the Protect an Application screen, either filter, or scroll down the screen to find Admin API (verify this is the Admin API and not the Duo Admin Panel) on the list and click the Protect button.
      4. Name: Cork Protection Admin API
      5. Permissions:
        • Grant Administrators: Disabled
        • Grant read information: Enabled
        • Grant applications: Disabled
        • Grant settings: Disabled
        • Grant read log: Enabled
        • Grant read resource: Enabled
        • Grant write resource: Disabled

      6. On the following screen, scroll down to the Settings section and adjust the following options:
      7. Scroll to the bottom of the page and click Save Changes
      8. Once the changes are saved, copy the Integration Key
      9. Leave this browser page open and continue to the “Connecting Integration” section of this article

      Connecting Integration

      1. Log into Cork Protection in a new browser tab or window
      2. Navigate to the Integrations page
      3. Scroll down to the Multi-factor authentication provider section 
      4. Locate Duo and click “Configure”
      5. Paste the previously copied Integration Key into the Admin integration field
      6. Navigate back to the Duo portal which was previously left open
      7. Copy the value under Secret key.
      8. Navigate back to Cork Protection and paste the Secret key into the Admin secret key field.
      9. Navigate back to the Duo portal and copy the API hostname
      10. Navigate back to Cork Protection and paste the API hostname into the API hostname field.
      11. Navigate back to the Duo portal. 
      12. Repeat the instructions listed in Generating API Key, but this time select Accounts API for step 3.
        • There are no permissions that need to be set for the Accounts API. You can change the Name to Cork Protection Accounts API and click save.
      13. Repeat the steps of copying and pasting the Accounts API Integration Key and Secret key into Cork Protection, but this time utilizing the Accounts Integration Key field and Accounts Secret Key field.
      14. (Optional) If desired, enter a display name for the integration
      15. Click the “Connect” button