# Cisco Duo

In this guide, you will create integration keys in Cisco Duo to pull authentication telemetry. This telemetry identifies successful and failed multi-factor authentication attempts.

At the end of this configuration, you will provide Radiant Security with the following values:

* **API Hostname**
* **Integration Key**
* **Secret Key**

### Prerequisites

* [ ] Admin access to the Duo Admin Panel console with at least Owner permissions

### Generate the integration keys

1. Log in to the **Duo Admin Panel** as an **Owner**.
2. Click **Applications** on the left sidebar.
3. Click **Protect an Application** and locate the entry for **Admin API**.

<div align="left"><figure><img src="https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2FDXzQE272cIkTPumtUjMU%2FCisco_Duo_01.png?alt=media&#x26;token=0b10c6aa-db71-4b22-9f41-b7775e76957f" alt="" width="563"><figcaption></figcaption></figure></div>

4. Click **Protect** to get the **integration key, secret key** and **API hostname**.

<div align="left"><figure><img src="https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2F6E2kmhD4A9V0gdK5SfE6%2FCisco_Duo_02.png?alt=media&#x26;token=466b5ec7-f251-4a56-9b17-1b485a3b0d22" alt="" width="563"><figcaption></figcaption></figure></div>

5. Document and store the **Integration** **key**, **Secret** **key**, and the **API** **hostname** before proceeding to the next step.
6. Select the **Grant read log** permission.
7. Click **Save**.

{% hint style="warning" %}
**Important note:** Be sure to document and store the key values carefully, as it cannot be retrieved later and can present a security risk if used in an unauthorized fashion.
{% endhint %}

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Data Connector** and click **+ Add Connector**.
3. Search for and select the **Cisco Duo** option and then click **Data** **Feeds**.
4. Under **Select your data feeds**, select **Cisco Duo** and click **Credentials**.
5. Under **Credential Name**, give the credential an identifiable name (e.g. `Duo-Credentials`).
6. Under **Required** **Credentials**, add the following that you copied from the previous section:
   * **API hostname**
   * **Secret key**
   * **Integration key**
7. Click **Add Connector**.

{% hint style="warning" %}
**Important note:** The domain should be in the following format (without https\://): `api-XXXXXXXX.duosecurity.com`
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/cisco-duo.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.