Duo Universal Prompt node
The Duo Universal Prompt node integrates with the Duo service to provide two-factor authentication using Duo’s Universal Prompt authentication interface. You can integrate Universal Prompt with your web applications using the Duo Web v4 SDK.
The Duo Universal Prompt node redirects the user to the Duo service, where they complete their registration or authentication; and return to the journey.
Compatibility
| Product | Compatible? |
|---|---|
Advanced Identity Cloud |
Yes |
Access Management (self-managed) |
Yes |
ForgeRock Identity Platform (self-managed) |
Yes |
Inputs
This node requires the following inbound data:
| Description | Attribute name | Source |
|---|---|---|
Username |
username |
Shared state |
Dependencies
To use this node, you should have already set up Advanced Identity Cloud integration with the Duo authentication service. Refer to Duo node (Deprecated).
Configuration
The configurable properties for this node are:
| Property | Usage |
|---|---|
Client ID |
The client’s ID on Duo. |
Client Secret |
The client’s secret on Duo. |
API Hostname |
The Duo API host name. |
Failure Mode When Duo is Down |
When Duo health check fails, two-factor authentication is not performed and this property is used to determine the outcome from the node:
|
OpenAM Callback URL |
The Advanced Identity Cloud callback URL to return and resume the journey. |
Outcomes
True-
Duo authentication is successful.
False-
Duo authentication failed.
Error-
Any error that occurred while authenticating. An error message is output to the shared state.
Troubleshooting
If this node logs an error, review the log messages to find the reason for the error and address the issue appropriately.
Example
This example journey highlights the use of the Duo Universal Prompt node. In this case, the Duo Universal Prompt node redirects the user to the Duo service to complete their Duo registration or authentication. Upon completion of registration or authentication, the user returns to the node and continues the journey.
