Pull users and admin role assignments from Duo Security via HMAC-signed Admin API.
Source connector — pulls identity and access data from Duo Security into ComplianceScout where it is scored against your compliance frameworks and violation rules.
After a successful sync, the following data is available in your ComplianceScout dashboard for violation detection and reporting.
These fields are collected when you add the connector in the ComplianceScout dashboard. Secrets are encrypted at rest using AES-256-GCM and are never logged.
| Field | Type | Required | Notes |
|---|---|---|---|
| Integration key (ikey) | Text | Required | Admin API integration key from Duo Admin Panel → Applications → Protect an Application → Admin API. |
| Secret key (skey) | Secret | Required | Admin API secret key. Keep this confidential. |
| API hostname | Text | Required | API hostname from the Admin API application, e.g. api-XXXXXXXX.duosecurity.com. |
Follow these steps to gather the credentials above and connect Duo Security to ComplianceScout.
Log in to the Duo Admin Panel and go to Applications → Protect an Application → search for Admin API.
Click Protect to create the integration. Copy the Integration key (ikey), Secret key (skey), and API hostname.
Under Permissions, enable at minimum: Read users, Read groups, Read administrators.
In ComplianceScout, go to Data & Secrets → Integrations → Add Connector → Duo Security and enter the three credential values.
Start a free trial — your tenant is provisioned instantly and you can wire up this integration from the connectors page.