This article provides instructions on how to integrate the Duo application with the Expel Workbench™.
Before you begin
Here's what you need to get started:
- Duo administrator account with Owner role.
- Duo Admin APIs enabled as these aren't enabled by default. For more information about Duo Admin APIs, go to https://duo.com/docs/adminapi.
Note: Our guide was accurate at the time of writing, but changes happen. If you find the instructions are outdated, leave a description in the comment field below and let us know!
Step 1: Generate API credentials
To integrate the technology with Expel, we need to create secure credentials to the API. Depending on the permissions allowed in Step 1, Expel may be able to generate API credentials. If you're unsure, reach out to your Expel Customer Success Engineer, or email customerhealth@expel.io.
-
Log in to the Duo admin portal as an Owner (https://admin.duosecurity.com) and navigate to Applications > Protect an Application.
- Click Protect this Application for the Duo Admin API.
- Click Protect this Application for the Duo Admin API.
- On the next screen, copy and save the Integration key, Secret key, and API hostname for this application. These are the credentials Expel needs to connect to the Duo service. These are not shown again, so save them now.
- In the Settings section, name the application something descriptive. We recommend Expel API.
Note: Make sure to check the following required permissions:
Permission What Expel does with it Grant read information Reads total user count. Grant read log Reads audit logs for security monitoring. Grant read resource Reads user and groups information and enrich events with this context. - Click Save Changes.
Step 2: Configure the technology in Workbench
Now that we have access and noted the credentials, we can integrate Duo with Expel.
- In a new browser tab, log into https://workbench.expel.io.
- On the console page, navigate to Settings and click Security Devices.
-
- At the top right of the page, select Add Security Device.
- Find and select your technology.
Note: Enter the following information into Workbench and click Save:
-
- Name
- Location
- Type the API Hostname from Step 1.
- Type the Integration key from Step 1.
- Type the Secret key from Step 1.
-
- At the top right of the page, select Add Security Device.
After a few minutes, refresh the Security Devices page and you see your device status reporting as Healthy, or if there is an issue, you see details of what the issue may be.
To check if alerts are coming through, navigate to Alerts on the console page. Click the icon in the upper right to switch to grid view, then check the list for device alerts.
Comments
0 comments
Please sign in to leave a comment.