Company logoHelp Center
Visit www.threatlocker.com

Configuring with DUO Authentication

3 min. readlast update: 05.20.2026

DUAL FACTOR AUTHENTICATION WITH DUO

ThreatLocker can be integrated with Duo to provide dual-factor authentication (2FA) for portal access.

Important:
When configuring the Duo integration for the first time, ThreatLocker strongly recommends keeping a separate browser session open and logged into the ThreatLocker Portal. This ensures you can still access the portal to modify the integration or administrator MFA settings if the configuration is completed incorrectly.

 

Enable Dual-Factor Authentication with Duo

  1. Log in to the ThreatLocker Portal.
  2. Navigate to Integrations.
  3. In the search bar, search for and select Duo.

 

Duo Settings Tab

Within the Duo Settings tab, enter the following information from your Duo Partner Auth API application:

  • Integration Key
  • Secret Key
  • API Hostname

Optionally, you can enable the setting:

  • Skip Duo authentication when the user’s current IP address matches their last authenticated IP address

This allows ThreatLocker to bypass Duo authentication when the user is connecting from the same IP address previously used for successful authentication.

Select the blue Create button to save the integration.

 

User Mapping Tab

If users’ Duo usernames differ from their ThreatLocker usernames, you can manually map accounts.

  1. Enable the toggle:
    • Manually map ThreatLocker users to Duo aliases
  2. A list of ThreatLocker users for the organization will appear.
  3. Enter the corresponding Duo username next to each applicable ThreatLocker user.
  4. Select the blue Save button to apply the mappings.

Select the blue 'Save' button to save the settings.

Retrieve the Integration Key, Secret Key, and API Hostname from Duo

  1. Log in to the Duo Admin Panel.
  2. Navigate to:
    • ApplicationsApplications

3. Locate and open the desired Partner Auth API application.

  1. In the Details section, copy the following values:
  • Integration key - copy this and insert it in the 'Integration Key' box in the ThreatLocker integration sidebar
  • Secret key - copy this and insert it in the 'Secret Key' box in the ThreatLocker integration sidebar
  • API hostname - copy this and insert it in the 'API Hostname' box in the ThreatLocker integration sidebar

 

Creating a New Partner Auth API Application in Duo

  •  Log in to the Duo Admin Panel.
  • In the top right-hand corner, select the 'Add new...' button and choose 'Application'

  • In the search bar, search for Partner Auth API

  • Select the blue '+ Add' button under Partner Auth API.

1.  Select a name for the application.  The example above uses ThreatLocker.

2.  Select user access to choose whether or not all users can utilize this application.

3.  Set any of the other settings as desired.

4.  Scroll to the bottom and press the blue 'Save' button to save the integration.

 

Copy and paste the following information into the ThreatLocker Portal > Duo Integration sidebar:

  • Integration key - copy this and insert it in the 'Integration Key' box 
  • Secret key - copy this and insert it in the 'Secret Key' box 
  • API hostname - copy this and insert it in the 'API Hostname' box

Adding DUO as an MFA Method in ThreatLocker

Once the integration is configured and saved, DUO will be listed as an MFA method in the User sidebar.

 

Was this article helpful?