Contents
Overview
Import Duo Trust Monitor and Device Insight information into Cisco SecureX.
Requirements
- You must already have a SecureX account in an activated organization. See the SecureX Sign-On Guide for more information.
- You must be a Duo Advantage or Duo Premier customer or have an active Duo Advantage or Premier trial.
First Steps
Role required: Owner
You will need to create an Admin API application in Duo to use with SecureX and will copy information from the Duo Admin Panel into SecureX to complete setup. Note that only administrators with the Owner role can create or modify an Admin API application in the Duo Admin Panel.
-
Log in to the Duo Admin Panel and navigate to Applications.
-
Click Protect an Application and locate Admin API in the applications list. Click Protect to create the application and view the integration key, secret key, and API hostname. (See Getting Started for help.)
-
Grant these permissions to this Admin API application:
Permission Details Grant administrators The Admin API application can read information about, create, update, and delete Duo administrators and administrative units. Grant read information The Admin API application can read information about the Duo customer account's utilization. Grant applications The Admin API application can read information about, create, update, and delete Duo applications (referred to as "integrations" in the API). Grant read log The Admin API application can read authentication, offline access, telephony, and administrator action log information. Grant read resource The Admin API application can read information about resource objects such as end users and devices. -
Keep the Duo Admin Panel open while you configure SecureX.
The security of your Duo application is tied to the security of your secret key (skey). Secure it as you would any sensitive credential. Don't share it with unauthorized individuals or email it to anyone under any circumstances!
Configure SecureX
Enter the information for the Duo "Admin API" application in SecureX.
- Log in to the SecureX Dashboard.
- Click Integration Modules.
- Locate the Cisco Duo integration module in the list of available integrations and click the Add button.
- Once on the Duo integration module configuration page, give the new module a meaningful name (defaults to "Cisco Duo") and then copy the integration key, secret key, and API hostname from the "Admin API" application in the Duo Admin Panel and paste that information into SecureX where prompted.
- Click Add or Save when done.
- Return to the SecureX Dashboard and you'll see the new Cisco Duo integration module on the "My Integration Modules" page as well as Duo "Device Insight" information on the "Insights" page.
Refer to the Quick Start information on the configuration page of the Duo integration module in SecureX for additional configuration details and information.
Troubleshooting
Need some help? Take a look at our SecureX Knowledge Base articles or Community discussions. For further assistance, contact Support.