Dual-form Authentication

All Plugins / Authfront / Duosecurity

Identity Card

StatusCore
Plugin LabelDual-form Authentication
Short DescriptionDual-form authentication using the DuoSecurity web service
Plugin Identifierauthfront.duosecurity
AuthorCharles du Jeu
Urldocs/references/plugins/authfront/duosecurity
Dependencies

Documentation

Dual-factor Authentication using DuoSecurity Service

Activating DuoSecurity integration

DuoAuth SDK is embedded with a slightly modified version in the plugin, you don't have to get if from their website.

  • Register with DuoSecurity
  • Generate an API key pair by creating a "Web SDK" integration on their site
  • Generate a random 40-characters string for your application

Activating the plugin

  • Enable the authfront.duosecurity plugin
  • For a user or a group of users (using roles, groups or one-by-one users parameters edition), enable the Dual-Form Authentication.
  • After a successful login/password login, user will be asked to enroll and provide a second device (like a mobile device) to be identied. Once enrolled, she'll be able to activate the login entirely.

Plugin parameters

LabelDescriptionTypeDefault
Order
ORDER
Order this plugin with other auth frontendsInteger15
Protocol Type
PROTOCOL_TYPE
Enable/disable automatically based on the protocol usedSelect (session_only, no_session, both)session_only
DuoSecurity Config
Api Host
DUO_AUTH_HOST
DuoSecurity HostString
Integration Key
DUO_AUTH_IKEY
DuoSecurity Integration KeyString
Secret Key
DUO_AUTH_SKEY
DuoSecurity Secret KeyString
Application Key
DUO_AUTH_AKEY
DuoSecurity Application Key (generate your own)String
Dual-level Authentication
Duo Authentication Active
DUO_AUTH_ACTIVE
Active dual-form authenticationBooleanfalse
Request Signature (leave empty)
DUO_AUTH_LAST_SIGNATURE
Used internallyStringfalse