[error] The Auth Proxy was not able to validate the provided API credentials

I’m trying to setup Cisco ASA SSL VPN protection using [radius_server_duo_only]

This is the configuration that I want to validate.


I get below error when I validate from Authentication Proxy Manager installed on Windows 2019 server.

[error] The Auth Proxy was not able to validate the provided API credentials.
[error] Check that the credentials provided for ■■■■■■■■■■■■■■■■■■■■■■■■■■ and ikey XXXXXXXXXXXX are correct.
[debug] Exception: 40301: Access forbidden
[info] The Auth Proxy will be able to accept connections on port 1812 on all interfaces

I verified TLS/SSL connection to api server following below article .


Browser, telnet, and Invoke-WebRequest test all passed.

I copied Integration key and secret key and API hostname from Cisco ASA SSL VPN application page.

Which Duo application did you create for this? You mention a “Cisco ASA SSL VPN” application but if you review our RADIUS ASA instructions they say to create a “Cisco RADIUS VPN” application.

I assumed it would be “Cisco ASA SSL VPN” because I was trying to protect Cisco AnyConnect login.

After protecting Cisco Radius VPN, and appling new keys, protection is working now.

Thank you very much for the guidance.

Best regards,