Configure Duo two-factor authentication

OEM Cloud integrates with Duo Security to provide two-factor authentication for account users. When this feature is enabled, a user that logs in to OEM Cloud from one device must also authenticate his or her log in from a second device, such as a mobile phone.

Once OEM Cloud is configured to use Duo security, all users except those with application or read-only application roles must use two-factor authentication to log in to OEM Cloud. Users with application or read-only application roles are not managed by the Duo Security application.

Before you begin

To implement two-factor authentication, an administrator must first sign up for a Duo Security account and then add the OEM Cloud application to the account. Contact your OEM Cloud account representative for information on setting up and integrating Duo two-factor authentication.

Configure Duo two-factor authentication

After the Duo Security account has been added, follow the steps below to configure your OEM Cloud account to use the Duo two-factor authentication.

1. Make sure you have the Duo Security integration key and secret key, and your API host name.
2. Click Security > Policies.
3. Click Duo.
4. Provide the following information:
   • Integration key: Enter the Duo Security integration key.
   • Secret key: Enter the Duo Security secret key.
   • API hostname: Enter the API host name.
5. Click Save.

For information about the Duo Security policy view, see Security > Policies > Duo view.