Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1768
Views
0
Helpful
2
Replies

Can Auth API be used for Yubico OTP (44 character passcode)

Go to solution
MiguelRodriguez24531
Level 1
Level 1

‎06-16-2020 08:41 PM

Reading the documentation for Auth API (Auth API | Duo Security) I see that the supported second factor protocols are auto, push, passcode, sms and phone. The passcode option is defined as coming from Duo Mobile, SMS, hardware token, or bypass code, does this include the YubiKey 44 character string generated when touching the YubiKey capacitive button? If so, does the YubiKey need to be enrolled or registered manually by an admin? The “enroll” API endpoint seems to be desgined for OATH TOTP (returns a QR code). Any clarification will be appreciated.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎06-22-2020 01:52 PM

YES - You can use YubiKey-generated OTPs with the AuthAPI.
YES - YubiKeys must be imported by Duo admins and assigned to users. End users may not self-enroll hardware OTP devices. Learn more here: Managing OTP Hardware Tokens.

Duo, not DUO.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎06-22-2020 01:52 PM

YES - You can use YubiKey-generated OTPs with the AuthAPI.
YES - YubiKeys must be imported by Duo admins and assigned to users. End users may not self-enroll hardware OTP devices. Learn more here: Managing OTP Hardware Tokens.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents