A Support Authentication challenge

Hey there - I would like to use DUO as a secondary / tertiary authentication method for support teams to verify end users when calling for password resets etc.
The long term goal is self service but in the mean time is there a way of seeing a code on an end users device and then matching it in the admin console to act as this additional way of authentication.
The other choice would be to push a code to the end device and have them read it back?

Hey JKP, welcome to the Duo Community.

There is a way to verify an end-user’s identity with a Duo Push request (though not a “code,” strictly speaking) during a help desk/support interaction! This process is detailed in the documentation here.

And there is a video showcasing this feature here:

Hope this helps!