Duo AuthAPI - Security Key

Using the Duo Auth API, /auth/v2/preauth, - no results are returned if the user has only a security key configured.

We are trying to prompt our users to create bypass codes, but only if they have other methods configured with Duo, however, the preauth return does not give us an indication the security key is configured.

Results are: {“response”: {“devices”: , “result”: “auth”, “status_msg”: “Account is active”}, “stat”: “OK”}

Has anyone figured out how to determine if WebAuthN security key is configured using the authapi, or is it a requirement to use the admin api -/admin/v1/users/[user_id]/webauthncredentials function to gather this information.

Thanks, Don

No, you can’t get WebAuthn factor info from an Auth API preauth response today. Admin API will return this info for users, as you noted.