We are implementing the Duo OIDC Auth API for adding strong two-factor authentication to our web application.( Duo OIDC Auth API - Duo Universal Prompt | Duo Security)
In our understanding Duo uses FAPI security client_secret_jwt for client authentication. Is it correct?
We’d like to know is there any sample client implementation to refer because we would like to design the OIDC client in a generic way.
Our pain area is to design the request.payload arguments config structure in an end user perspective.
Looking forward to hearing from you.