Duo Security

The Duo Security plugin replaces the built-in operator two-factor authentication (2FA) system with that of Duo.

Contents

Activating, Deactivating and Uninstalling

Activation

To activate the plugin, visit Plugins and click on 'Activate' under the Duo Security plugin name. The 'Activate' link is only shown if the plugin is not already active.

Deactivation

Deactivating the plugin enables you to temporarily stop it from running without losing any saved configuration.

To deactivate the plugin, visit Plugins and click on 'Deactivate' under the Duo Security plugin name. The 'Deactivate' link is only shown if the plugin is currently active.

Uninstall

Uninstalling the plugin will remove any saved configuration from the database, and also permanently remove the plugin from the system. The action is irreversible - we recommend to deactivate instead.

To uninstall the plugin, visit Plugins and click on 'uninstall' under the Duo Security plugin name.

Settings

To configure the plugin, visit Plugins and click on 'Settings' under the Duo Security plugin name. The plugin must already be activated beforehand.

The following settings are available for configuration:

Application Details

Follow the below steps to fetch your application details:

  1. Login to the Duo Security administrator panel.
  2. In the right hand sidebar click on Applications > Protect an Application.
    Duo Dashboard
  3. In the search bar, search for Web SDK.
  4. Click the Protect button for the application called Web SDK.
    Duo Applications
  5. Copy the displayed Client ID, Client secret, and API hostname fields into the SupportPal plugin settings.
    Duo Web SDK Details
  6. Once you've copied those items, click the Save button in the SupportPal plugin settings.

Operators

The Duo Security integration can be enabled on a per-operator basis, by default no operators make use of the integration. To enable the integration for a specific operator, click on the Enable button in the table. Similarly, click on the Disable button to disable the integration for specific operators.

Once the integration has been enabled for an operator, the next time they log in they will be redirected to Duo Security to set up two-factor authentication if they do not already have it set up for their account. Every subsequent login after that, Duo Security will present a login check after they've submitted their credentials.