Native Integrations
      Back to home
      1. Gradient Support Center
      2. Vendor Integrations
      3. Native Integrations

      Duo Security

      Overview and Configuration Guide: Integrating Duo Security with Gradient Reconcile

      Products Integrated Duo User License

      Note that with the exception of users in the Trash folder or users in Pending Deletion status, users consume a seat license once they are added to the Duo Admin Panel. Click here for more information.

      How to Configure Duo Security 

      To configure and connect the Duo Security integration, please click to navigate to the following:

      1. Generate Vendor API Keys
      2. Connect the Integration
      3. Map Accounts and Services

      Generate Vendor API Keys

      The Duo Security integration requires the following credentials across the Admin API and Accounts API:

      • Integration Key
      • Secret Key
      • API Hostname (e.g., API-xxxxxxxx.duosecurity.com)

      Note that only administrators with the Owner role in the parent may contact Duo Support to request access to the Accounts or Admin API application, or can create or modify an API application in the Duo Admin Panel.

      Accounts API

      1. Log in to the Duo Admin Panel and navigate to Applications.
      2. Click Protect an Application and locate the entry for Accounts API in the applications list. Click Protect to the far right to configure the application and get your integration key, secret key, and API hostname. You'll need this information to complete your setup. See Protecting Applications for more information about protecting applications in Duo and additional application options.

      Optional specify which IP addresses or ranges are allowed to use this Accounts API application in Networks for API Access. If you do not specify any IP addresses or ranges, this Accounts API application may be accessed from any network. Click here for more information.

      Admin API

      1. Log in to the Duo Admin Panel and navigate to Applications.
      2. Click Protect an Application and locate the entry for Admin API in the applications list. Click Protect to the far right to configure the application and get your integration key, secret key, and API hostname. You'll need this information to complete your setup. See Protecting Applications for more information about protecting applications in Duo and additional application options.
      3. Apply "Grant read resource" permission to this Admin API application. This is required to read information about resource objects such as end users, to retrieve seat license usage.

      duo-admin-panel-api

      duo-admin-panel-api-permissions

      Connect the Integration

      1. Login to Reconcile and navigate to the Integrations tab.
      2. Select the Duo Security Integration card and click Connect.
      3. Choose what module you wish to connect to, and press continue.
      4. Enter your vendor details from Step 1 and press authenticate.
      5. Press Next to complete the service and account mapping.

      Note that you are only able to proceed until accounts, services and the integration status are set to "Pending." You may hit the Sync status button to check the status of the integration.

      Map Accounts and Services

      Note: If you need further details on account and service mapping, click here.

      1. Map Accounts and Services

        • When setting up the integration for the first time, accounts are automatically matched if there's an exact match between your vendor and PSA.
        • For accounts not automatically matched:
          • Use the filter button beside the account names on the right, or
          • Use the search bar on the left to find PSA accounts.
        • Drag and drop the PSA accounts from the left to match them with vendor accounts on the right.

      2. Proceed to Service Mapping

        • Once accounts are mapped, click "Next" to access the Service Mapping step.
        • Align services or products from your PSA, displayed on the left, with the corresponding vendor services or SKUs on the right. For ConnectWise PSA users, search by Product ID.
        • Ensure at least one account and one service mapping is completed to finish the configuration.
        • After mapping the services, click "Next".

      3. Finalize Configuration

      • Review your service configurations and click "Finish" to complete the setup.
      • This will initiate a sync. The "Sync Status" indicator at the top-right will start spinning, showing that a sync is in progress.
      • Once the sync is complete, the "Refresh" button will light up pink, indicating the sync is complete. Click that button to see the vendor usage data populated.
      • Use the filter or sort options to jump to the connected services and start reviewing and approving usage!

       

      Top