Duo Keys

Description

General

Documentation: https://duo.com/docs/authapi
Summary: Duo is a company providing a RESTful API for adding strong two-factor authentication to an application. This detector aims at catching the Duo keys (integration key, secret key, and API hostname) used to access this API.
IPs allowlist: As of the time of writing this documentation, this feature is not available.
Scopes: Duo keys have full access to the Duo Auth API.

Revoke the secret

Duo keys can be revoked in the Duo Admin Panel (https://admin.duosecurity.com/).

Check for suspicious activity

As of the time of writing this documentation, this feature is not available.

Details for `Duo Keys`

Family: credentials
Category: identity_provider
Company: Duo
High recall: False
Validity check available: True
Analyzer available: False
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 3
Occurrences found for one million commits: 0.11
Prefixed: False
PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - duosecurity\.com

Examples

- text: |
    integration_key=XOHQUEIZANG7QUAEJIUW
    secret_key=IexipeeveevoLeibiethohChoh2heitapheesuTh
    base_url=https://api-abcd1234.duosecurity.com
  integration_key: XOHQUEIZANG7QUAEJIUW
  secret_key: IexipeeveevoLeibiethohChoh2heitapheesuTh
  subdomain: api-abcd1234

Duo Keys

Description

General

Revoke the secret

Check for suspicious activity

Details for `Duo Keys`

Examples

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Description​

General​

Revoke the secret​

Check for suspicious activity​

Details for Duo Keys​

Examples​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

General

Revoke the secret

Check for suspicious activity

Details for `Duo Keys`

Examples