What data is sent when requesting authentication from the proxy server to the cloud?

my company consider Introduction of Duo
although all packet are encrypted, but many people worried to drain the internal data.
so i hope to know What data is sent when requesting authentication from the proxy server to the cloud in the encrypted packet?

Hi there,

You can see the authentication POST requests to Duo during authentication by enabling debug logging on your Duo Authentication Proxy server.

This typically includes:

  • username
  • Duo factor selected
  • client IP address if available

The request signature is generated using your Duo application’s secret key as the HMAC key.

No user password or shared secret information, or the unhashed SKEY is sent to Duo’s service.