Auth API documentation not clear

Ruben_Cardenal · ‎11-22-2021

Hello,

I’m having quite a hard time making this to work. I have to add dozens of users and it can’t be done by hand. Also it seems the only way of receiving some support is posting here instead of opening a support ticket. So let’s see…

At Duo Admin API | Duo Security it says:

Which means that with:

Tue, 21 Aug 2012 17:29:18 -0000
POST
api-xxxxxxx.duosecurity. com
/admin/v1/users
realname=First%20Last&username=root

and using DIWJ8X6AEYOR5OMC6TQ 1 as the integration key and Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep as the secret key (and also the HMAC key) you should end up with this base64 encoded sha1 string:

RElXSjhYNkFFWU9SNU9NQzZUUTE6NjVhZWJhZWZhNDBjOWYyMWI1NmYzYWExMTc1ZDE3ZGM4N2I1ZDM4NQ==

But I find no way of getting to that result. Only the beginning of it (since I already know the first part of the string before being base64-encoded, which is DIWJ8X6AEYOR5OMC6TQ 1

I’ve added some spaces here and there to avoid this forum to hide text.

I have found absolutely no functional client to interact with the API (yes, you provide skeleton demonstration clients in a few languages, but not working code as such).

Can you please point me to a FULL client/binary that I can use from a Linux console? I’ve found nothing after deeply searching online about it (except a client for powershell which it’s of no use from Linux).

Thanks.

Ruben_Cardenal · ‎11-22-2021

Actually, and since I guess I will only receive the link to those 100% incomplete clients (being most of them just PoC unit tests), I have managed to make it work using the nodejs module and will just create a wrapper around it.

It’s a shame that you don’t provide not even ONE fully functional client.

Is it really SO complicated providing something as usual and normal as a shell script that can make the API calls using curl? Many of us here are systems administrators that don’t spend our time programming. I’ve even seen members of the staff here just wondering in posts if this or that will work, instead of giving straight answers. And also unanswered posts of people asking for help with it.

Hint: Okta’s API documentation provides exactly what I was looking for here, and didn’t find.

Ruben_Cardenal · ‎11-22-2021

Please don’t mark this post as solved. I just found a workaround, but never a reply. And I’m a paying customer.

DuoKristina · ‎11-23-2021

Sorry about that. I marked it as resolved because in your follow-up post you said you got it to work. Happy to remove that so it remains open for further discussion by the community.

Duo, not DUO.

Ruben_Cardenal · ‎11-23-2021

Actually, and since you don’t reply to the support tickets from paying customers (at least not to us, with a 150 MFA users plan), I was expecting you guys to point me in the right direction…

Nevertheless, I’ve opened another 2 threads here with issues.

Cooper1 · ‎11-30-2021

If you aren’t seeing replies to tickets, use the web interface. It’s not great but you can see what’s going on with tickets. I’ve had them closed in the past and only knew via the web interface.

There isn’t a client binary from Duo since they offer a directory sync tool. If your situation doesn’t work for the provided sync tool you’ll need to write or find community scripts to work with your unique situation.

You mentioned that you can’t get the same result as their example code but haven’t posted the code you’re using. Can you post your script so the community can see if there’s an issue? You’ll have much better luck going that route than continually slamming Duo for what’s likely a bug in your code.

Ruben_Cardenal · ‎12-14-2021

You are funny, mister. So I will stop this reply here. Have a nice day.