Duo Security
The Duo Security plugin replaces the built-in operator two-factor authentication (2FA) system with that of Duo.
Activating, Deactivating and Uninstalling
Activation
To activate the plugin, visit Plugins and click on 'Activate' under the Duo Security plugin name. The 'Activate' link is only shown if the plugin is not already active.
Deactivation
Deactivating the plugin enables you to temporarily stop it from running without losing any saved configuration.
To deactivate the plugin, visit Plugins and click on 'Deactivate' under the Duo Security plugin name. The 'Deactivate' link is only shown if the plugin is currently active.
Uninstall
Uninstalling the plugin will remove any saved configuration from the database, and also permanently remove the plugin from the system. The action is irreversible - we recommend to deactivate instead.
To uninstall the plugin, visit Plugins and click on 'uninstall' under the Duo Security plugin name.
Settings
To configure the plugin, visit Plugins and click on 'Settings' under the Duo Security plugin name. The plugin must already be activated beforehand.
The following settings are available for configuration:
Application Details
Follow the below steps to fetch your application details:
- Login to the Duo Security administrator panel.
-
In the right hand sidebar click on Applications > Protect an Application.
- In the search bar, search for
Web SDK
. -
Click the
Protect
button for the application calledWeb SDK
.
-
Copy the displayed Client ID, Client secret, and API hostname fields into the SupportPal plugin settings.
- Once you've copied those items, click the
Save
button in the SupportPal plugin settings.
Operators
The Duo Security integration can be enabled on a per-operator basis, by default no operators make use
of the integration. To enable the integration for a specific operator, click on the Enable
button
in the table. Similarly, click on the Disable
button to disable the integration for specific operators.
Once the integration has been enabled for an operator, the next time they log in they will be redirected to Duo Security to set up two-factor authentication if they do not already have it set up for their account. Every subsequent login after that, Duo Security will present a login check after they've submitted their credentials.