Skip to main content

Duo Keys

Description

General

Documentation: https://duo.com/docs/authapi
Summary: Duo is a company providing a RESTful API for adding strong two-factor authentication to an application. This detector aims at catching the Duo keys (integration key, secret key, and API hostname) used to access this API.
IPs allowlist: As of the time of writing this documentation, this feature is not available.
Scopes: Duo keys have full access to the Duo Auth API.

Revoke the secret

Duo keys can be revoked in the Duo Admin Panel (https://admin.duosecurity.com/).

Check for suspicious activity

As of the time of writing this documentation, this feature is not available.

Details for `Duo keys`

Family: Api
Category: Identity provider
Company: Duo
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 3
Occurrences found for one million commits: very rare
Prefixed: False
PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - duosecurity\.com

Examples

- text: |
    integration_key=XOHQUEIZANG7QUAEJIUW
    secret_key=IexipeeveevoLeibiethohChoh2heitapheesuTh
    base_url=https://api-abcd1234.duosecurity.com
  integration_key: XOHQUEIZANG7QUAEJIUW
  secret_key: IexipeeveevoLeibiethohChoh2heitapheesuTh
  subdomain: api-abcd1234

Was this page helpful?

Description

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

How can I help you ?