Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
290
Views
0
Helpful
1
Replies

Timeout - C# How do you check if user ignores the DUO push

jonelster
Level 1
Level 1

‎09-21-2023 05:21 PM

I have a C# Application that uses DUOUNIVERSAL.  It all works.

I call Redirect(promptUrl) to send the Push to the mobile devices.

How can I handle the case where the user IGNORES or DENIES the Push notification? 

DUO returns   "LOGIN DENIED" - how can I log this ???

Help...

 

thx!

 

 

 

Labels:
0 Helpful
1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

‎09-22-2023 09:43 AM

Ah, there isn't a good way to check this. When the user _completes_ Duo auth the `auth_context` information in the access token provides details about factor success, but when a user doesn't complete Duo authentication in the Universal Prompt it just sits there to let them try again and doesn't return any info to the authenticating application.

You could specify a timeout for the full Duo auth in your application, and if that timeout is reached without the redirect back happening you can log it as timed out or failed.

https://duo.com/docs/oauthapi#authorization-request

In the event that multi-factor authentication is unsuccessful, we will not redirect the end-user to the specified redirect URI. A failed authentication will appear in the Authentication Log (found in the Admin Panel) associated with the end-user.

After a successful authentication, Duo redirects the user to the redirect URI specified in the redirect_uri field as described below.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents