Advanced Identity Cloud

Duo node (Deprecated)

ForgeRock has deprecated the Duo node because Duo has deprecated Traditional Duo Prompt that is used by the Duo node. You should use the Duo Universal Prompt node in place of the Duo node.

Integrates Duo for an additional authentication factor.


  • True (success)

  • False (failure)


  1. Create a Duo account at

  2. In the Duo admin console under Applications, click Protect an Application.

  3. Search for and create an application profile for Web SDK.

  4. Record the following for use when configuring the node:

    • Integration key

    • Secret key

    • API hostname

  5. Generate an application key for the node, which is a random string at least 40 characters long.

    How you generate the random string for the application key is up to you. For example, use a random string generator service or a Python script to generate an application key:

    >>> import os, hashlib
    >>> hashlib.sha1(os.urandom(32)).hexdigest()
    >>> exit()


Property Usage

Integration Key

The integration key from Duo for the Web SDK application.

Secret Key

The secret key from Duo for the Web SDK application.

API Host Name

The API hostname from Duo for the Web SDK application.

Application Key

The application key you generated.

Duo Javascript URL

The link to Duo’s JavaScript for your Web SDK application.


Copyright © 2010-2024 ForgeRock, all rights reserved.