This article explains how to connect Duo Cloud to Expel Workbench.
Prerequisites
Here's what you need to get started:
-
Duo Cloud administrator account with Owner role.
-
Duo Cloud Admin APIs enabled as these aren't enabled by default. For more information about Duo Cloud Admin APIs, go to https://duo.com/docs/adminapi.
Quick Links
Step 1: Generate API Credentials
To integrate the technology with Workbench, we need to create secure credentials for the API.
Having read-only access to the interface of your technology allows Expel to dig deeper during incident investigations. Our device health team uses this access to investigate potential health issues with your tech.
-
Log in to the Duo Cloud admin portal as an Owner (https://admin.duosecurity.com) and navigate to Applications > Protect an Application.
-
Click Protect this Application for the Duo Cloud Admin API.
-
-
On the next screen, copy and save the Integration key, Secret key, and API hostname for this application. These are the credentials Expel needs to connect to the Duo Cloud service.
Note
These are not shown again, so save them now. -
In the Settings section, name the application something descriptive. We recommend Expel API.
-
Check the following required permissions:
Permissions
What Expel does with it
Grant read information
Reads total user count.
Grant read log
Reads audit logs for security monitoring.
Grant read resource
Reads user and group information and enriches events with this context.
-
If you prefer to specify the IPs to access the API, add the IPs from Connecting Your Devices Securely to Workbench to the Networks for API Access field.