Multi-factor authentication and secure access.
## Duo Security MCP Server: Multi-Factor Authentication Management The **Duo Security MCP Server** integrates Cisco's leading MFA platform into Google Antigravity, enabling administrators to manage users, authentication policies, and access controls for secure identity verification. ### Why Duo Security MCP? - **MFA management** - Configure and enforce multi-factor authentication - **User administration** - Manage user enrollment and device registration - **Policy configuration** - Define adaptive authentication policies - **Trust assessment** - Evaluate device and user trust levels - **Access logging** - Review authentication logs and patterns ### Key Features #### 1. User Management ```python # Create new Duo user user = await mcp.call("duo", "create_user", { "username": "jsmith", "email": "jsmith@company.com", "realname": "John Smith", "status": "active" }) # Enroll phone for user phone = await mcp.call("duo", "add_phone", { "user_id": user["user_id"], "number": "+14155551234", "type": "mobile", "platform": "Apple iOS" }) # Send activation SMS await mcp.call("duo", "send_activation", { "phone_id": phone["phone_id"], "activation_type": "sms" }) ``` #### 2. Authentication Policies ```python # Create adaptive policy policy = await mcp.call("duo", "create_policy", { "name": "High Security Resources", "require_mfa": True, "allowed_methods": ["push", "webauthn"], "trusted_devices": { "require": True, "max_age_days": 30 }, "location_restrictions": { "countries": ["US", "CA"], "deny_anonymous_networks": True } }) # Apply policy to application await mcp.call("duo", "apply_policy", { "integration_key": "DI_xxx", "policy_key": policy["policy_key"] }) ``` #### 3. Device Trust ```python # Get device health for user devices = await mcp.call("duo", "get_user_devices", { "user_id": "user_xxx", "include_health": True }) for device in devices: print(f"Device: {device[\"name\"]}") print(f"Platform: {device[\"platform\"]} {device[\"os_version\"]}") print(f"Encrypted: {device[\"encrypted\"]}") # Configure device trust policy await mcp.call("duo", "configure_trust", { "require_encryption": True, "require_passcode": True, "block_rooted": True }) ``` #### 4. Authentication Logs ```python # Get authentication log auth_logs = await mcp.call("duo", "get_auth_logs", { "mintime": "2024-01-01T00:00:00Z", "maxtime": "2024-01-31T23:59:59Z", "factors": ["push", "sms"], "results": ["success", "fraud"] }) # Analyze authentication patterns success = len([l for l in auth_logs if l["result"] == "success"]) fraud = len([l for l in auth_logs if l["result"] == "fraud"]) print(f"Success: {success}, Fraud attempts: {fraud}") ``` ### Configuration ```json { "mcpServers": { "duo": { "command": "npx", "args": ["-y", "@anthropic/mcp-duo"], "env": { "DUO_IKEY": "your-integration-key", "DUO_SKEY": "your-secret-key", "DUO_HOST": "api-xxx.duosecurity.com" } } } } ``` ### Use Cases **User Onboarding**: Automate Duo enrollment for new employees with device registration. **Policy Management**: Create and deploy adaptive MFA policies based on risk levels. **Security Auditing**: Review authentication logs for compliance and threat detection. **Device Compliance**: Enforce device security requirements before granting access. The Duo Security MCP Server brings enterprise MFA management into your development workflow.
{
"mcpServers": {
"duo": {}
}
}