What You'll Need
- Administrator access to the Duo Admin Panel
- A Duo plan that includes Admin API access (Duo Beyond, Duo Access, or Duo MFA with API)
- ~5 minutes to complete setup
- Your Clariti account with adapter management permissions
Get Your Credentials
Log in to the Duo Admin Panel at admin.duosecurity.com. Navigate to Applications > Protect an Application and search for Admin API. Click Protect to create a new Admin API application.
The application page displays three values:
- Integration key (ikey) — this is the value you enter in Clariti's API Key field
- Secret key (skey) — store securely; it is not shown again after you leave the page
- API hostname — looks like
api-XXXXXXXX.duosecurity.com
Grant the application at least Grant Read Resource permission so Clariti can read users, authentication logs, and enrollment status.
Enter Credentials in Clariti
| Value from vendor console | Paste into Clariti field |
|---|---|
Integration key (ikey) | API Key |
Secret key (skey) | Secret Key |
API hostname | API Hostname |
Verify Connection
Click Test Connection in Clariti. A successful connection returns a green checkmark. The first data sync typically completes within a few minutes.
Troubleshooting
- 401 Unauthorized — Verify the Integration Key and Secret Key are copied exactly. The HMAC signature will fail if either value has trailing whitespace.
- 403 Forbidden — Ensure the Admin API application has Grant Read Resource permissions enabled in the Duo Admin Panel.
- Timeout — Check that the API hostname is entered correctly. Clariti retries automatically on transient failures.