Audit the Duo 'factor' used when authenticating

Basics

Logistics

Basics

Logistics

Fix versions

1.2.0

Description

In the id_token of the Duo response is the ‘factor’ used to authenticate e.g.

 "factor": "remembered_device",
 
 "factor": "sms_passcode"

It would be good to log this at the INFO level to the process log for now, and maybe to the audit log later on.

Environment

None

Assignee

Philip Smart

Confluence content

mentioned on

https://shibboleth.atlassian.net/wiki/spaces/DEV/pages/2951020545/2022-04-01

Activity

Show:

Philip SmartMarch 25, 2022 at 12:20 PM

Added this to the authentication result validation action, for example:

Profile Action ValidateDuoTokenAuthenticationResult: Duo 2FA authentication succeeded for 'jdoe', using second-factor 'sms_passcode'

Completed

Details
Reporter
Philip Smart

Created March 24, 2022 at 3:54 PM

Updated April 1, 2022 at 12:33 PM

Resolved March 25, 2022 at 3:13 PM

Audit the Duo 'factor' used when authenticating

Fix versions

Description

Environment

Assignee

Confluence content

mentioned on

Activity

Philip SmartMarch 25, 2022 at 12:20 PM

Details
Reporter
Philip Smart

Details

Reporter

Flag notifications

Something's gone wrong

Something's gone wrong

Audit the Duo 'factor' used when authenticating

Fix versions

Description

Environment

Assignee

Confluence content

mentioned on

Activity

Philip SmartMarch 25, 2022 at 12:20 PM

DetailsReporterPhilip SmartPhilip Smart

Details

Reporter

Flag notifications

Something's gone wrong

Something's gone wrong

Details
Reporter
Philip Smart