# Cisco Duo

Radiant connects to Cisco Duo through the Duo Admin API to ingest authentication telemetry, including successful and failed multi-factor authentication attempts. Configuration is a one-time setup performed in the Duo Admin Panel and Radiant Security.

At the end of this configuration, you provide Radiant Security with the following values:

* **API hostname**
* **Integration key**
* **Secret key**

### Prerequisites

* [ ] Owner role in the Cisco Duo Admin Panel
* [ ] Administrator role in Radiant Security

### Generate Admin API credentials in Cisco Duo

For vendor instructions, refer to Cisco Duo's [Admin API documentation](https://duo.com/docs/adminapi).

{% stepper %}
{% step %}

#### Open the Admin API application

Sign in to the [Duo Admin Panel](https://admin.duosecurity.com/) as an Owner. In the left sidebar, click **Applications**, then click **Protect an Application**. Locate **Admin API** in the list and click **Protect** on that row.

<div align="left"><figure><img src="/files/KE2B2zioEsEwQN8XnGe2" alt="" width="563"><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

#### Copy the credentials

The Admin API configuration page displays the three values Radiant needs. Copy and store each one securely:

* **Integration key**
* **Secret key**
* **API hostname**

<div align="left"><figure><img src="/files/YgtMBRw4ccfbZqEoZxMP" alt="" width="563"><figcaption></figcaption></figure></div>

{% hint style="warning" %}
The Secret key is shown only at this page and cannot be retrieved later. If it is lost, you must reset the integration to generate a new one.
{% endhint %}
{% endstep %}

{% step %}

#### Grant the Read log permission and save

On the same page, scroll to **Permissions** and select **Grant read log**. Click **Save** at the bottom of the page.
{% endstep %}
{% endstepper %}

### Add the data connector in Radiant Security

1. Sign in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Data Connectors** and click **+ Add Connector**.
3. Search for and select **Cisco Duo**, then click **Data Feeds**.
4. Under **Select your data feeds**, select **Cisco Duo** and click **Credentials**.
5. Under **Credential Name**, enter a descriptive name (e.g., `Duo-Credentials`).
6. Under **Required Credentials**, enter the values you copied from Cisco Duo:
   * **API hostname**: enter without the `https://` prefix, in the format `api-XXXXXXXX.duosecurity.com`.
   * **Integration key**
   * **Secret key**
7. Click **Add Connector** to save the configuration.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/cisco/cisco-duo.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.