As said in duoweb guide, it is not advisable to use Auth APIs other than /ping and /check for Duo web.
But when I tried Auth API’s /preauth with Web SDK’s authorization keys, it is working fine even though it is said in guide as “Incorporating any other Auth API endpoint calls in your Duo Web application may have unpredictable results.”
I would be glad if I get clarified for the following,
- Since the /preauth endpoint is working fine with WebSDK’s integration and security keys, is it okay to use it ?
- Is there any other way to validate the Auth API’s integration/security keys since Auth API’s /check endpoint works the same for both WebSDK and AuthAPI ?
Thank you in advance.