Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2336
Views
0
Helpful
3
Replies

Duo auth api - new user activation code timeout

flippery_fish
Level 1
Level 1

‎08-20-2019 04:59 AM

Hi,

When a new user is enrolled but they don’t respond before the activation code times out (i.e. enroll status returns invalid) as far as i can see the only course of action is to use the admin api to delete the user and enroll them again so that they get a new activation code.

Is this correct or is there another way to generate a new activation code for a user that is already enrolled (but not activated)?

Thanks a lot,

Andy

Labels:
0 Helpful
3 Replies 3

Amy2
Level 5
Level 5

‎08-20-2019 07:51 AM

Hi Andy,

Just to clarify for the community, there is a difference between Duo enrollment and activation, which you can read more about in the knowledge base. Enrollment is the process of entering a user and authentication device in Duo, while activation is the process of syncing a smartphone or tablet with the Duo cloud service via the Duo Mobile app.

To help us better answer your question, could you please clarify if you are talking about enrollment links sent via email to enroll users in Duo, or activation links sent to a device for Duo Mobile?

0 Helpful

flippery_fish
Level 1
Level 1

‎08-20-2019 12:49 PM

Hi Amy,

Thanks for the info, I’m probably not 100% au fait with the right terminology yet. Hopefully this will better describe - the /enroll endpoint (Auth API | Duo Security) returns the following and the user has to scan the qr code before expiration is reached. but if expiration is reached there seems to be no api function to reset the expiration for the user - the only course of action seems to be to delete the user first and then call /enroll again - is that correct?

Thanks a lot,

Andy

“stat”: “OK”,
“response”: {
“activation_barcode”: “https://■■■■■■■■■■■■■■■■■■■■■■■■/frame/qr?value=8LIRa5danrICkhHtkLxi-cKLu2DWzDYCmBwBHY2YzW5ZYnYaRxA”,
“activation_code”: “duo://8LIRa5danrICkhHtkLxi-cKLu2DWzDYCmBwBHY2YzW5ZYnYaRxA”,
“expiration”: 1357020061,
“user_id”: “■■■■■■■■■■■■■■■■■■■■”,
“username”: “49c6c3097adb386048c84354d82ea63d”
}
})

0 Helpful

Amy2
Level 5
Level 5
In response to flippery_fish

‎08-21-2019 05:56 AM

Hi Andy,

Ok great, thank you for the additional context! You will need to use the Admin API to generate an activation URL. You can read more about this in our Admin API docs under Phones>Create Activation Code (I included a direct link for you as well). Duo generates a new activation_url each time /admin/v1/phones/[phone_id]/activation_url is called.

Hope that helps!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents