Connect Duo Security to AI agents

Connect Duo Security to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

delete_user

Delete User

Permanently delete a Duo Security user and all associated data including phones, tokens, and group memberships.

delete_group

Delete Group

Delete a Duo Security group. Users in the group will be disassociated but not deleted.

get_authentication_logs

Get Authentication Logs

Retrieve Duo authentication log events using the v2 API. Returns detailed records of authentication attempts including user, application, result, and device information. Events have a 2-minute delay before becoming available.

delete_phone

Delete Phone

Delete a phone from Duo Security. The phone will be disassociated from all users.

list_phones

List Phones

Retrieve a list of phones registered in Duo Security. Phones are MFA devices associated with users.

create_phone

Create Phone

Register a new phone in Duo Security for use as an MFA device.

create_bypass_codes

Create Bypass Codes

Generate one-time bypass codes for a Duo user. Bypass codes allow users to authenticate when they don't have access to their normal MFA device.

create_group

Create Group

Create a new Duo Security group for organizing users and applying access policies.

get_admin_logs

Get Administrator Logs

Retrieve Duo administrator action logs. Returns records of actions performed by administrators such as user creation, policy changes, and configuration updates.

get_account_summary

Get Account Summary

Retrieve a summary of the Duo account including user counts, integration counts, telephony credits, and current account settings.

get_user

Get User

Retrieve detailed information about a specific Duo user, including associated phones, tokens, groups, and WebAuthn credentials.

update_user

Update User

Update a Duo Security user's profile, status, group memberships, or phone associations. Supports modifying user fields, adding/removing groups, and associating/disassociating phones in a single operation.

list_integrations

List Integrations

Retrieve a list of Duo-protected applications (integrations). Each integration represents an application that uses Duo for authentication.

delete_admin

Delete Admin

Delete a Duo Security administrator account.

create_admin

Create Admin

Create a new Duo Security administrator account with a specified role.

update_admin

Update Admin

Update an existing Duo Security administrator's name, phone, or role.

get_telephony_logs

Get Telephony Logs

Retrieve Duo telephony log events. Returns records of phone calls and SMS messages sent for authentication purposes, including costs and outcomes.

list_users

List Users

Retrieve a list of Duo Security users. Supports filtering by username or email, and pagination for large result sets.

list_admins

List Admins

Retrieve a list of Duo Security administrator accounts with their roles and contact information.

create_user

Create User

Create a new Duo Security user. Optionally send an enrollment email to the user so they can set up their MFA device.

list_groups

List Groups

Retrieve a list of Duo Security groups. Groups are used to organize users and apply policies.

More integrations teams use with Duo Security

Firebase

Manage backend services for mobile and web applications. Create, read, update, and delete documents in Cloud Firestore and Realtime Database. Manage user accounts including creating, updating, deleting, and listing users with authentication support. Send push notifications and data messages to devices, topics, and device groups via Cloud Messaging (FCM). Upload, download, and delete files in Cloud Storage. Read and publish Remote Config templates to change app behavior remotely. Deploy and manage serverless Cloud Functions triggered by database events, authentication events, storage events, and HTTP requests. Stream real-time database changes via Server-Sent Events. Query databases with filters, ordering, and pagination. Perform batch writes and transactions in Firestore. Generate and verify custom tokens and ID tokens for user authentication.

Kibana

Manage Kibana resources and the Elastic Stack visualization layer programmatically. Create, import, export, and organize saved objects such as dashboards, visualizations, and data views across spaces. Configure alerting rules with threshold, query, and metric conditions, and connect them to actions via connectors (email, Slack, PagerDuty, webhook, Jira, ServiceNow, and more). Manage data views (index patterns) that define which Elasticsearch indices Kibana queries. Create and organize spaces to separate dashboards and objects into meaningful categories. Track incidents with cases, define and monitor Service Level Objectives (SLOs), manage Fleet agent policies and enrollments, configure security detection rules for SIEM, and control role-based access with Kibana feature privileges.

Kubernetes

Manage and orchestrate containerized applications on Kubernetes clusters. Create, update, scale, and delete workloads including Pods, Deployments, StatefulSets, DaemonSets, Jobs, and CronJobs. Configure service discovery and load balancing through Services, Ingress, and Endpoints. Manage configuration and storage with ConfigMaps, Secrets, PersistentVolumes, and StorageClasses. Control access with Namespaces, RBAC roles and bindings, ServiceAccounts, and NetworkPolicies. Administer cluster infrastructure including Nodes, ResourceQuotas, LimitRanges, and PriorityClasses. Autoscale workloads with HorizontalPodAutoscaler and VerticalPodAutoscaler. Define and manage Custom Resource Definitions (CRDs) to extend cluster functionality. Watch resources in real time for create, modify, and delete events. Configure admission webhooks to validate or mutate resources before persistence.

Cloudflare

Manage internet infrastructure including DNS records, domains, and zone settings. Deploy and configure serverless Workers scripts, R2 object storage buckets, and Pages deployments. Configure security rules including WAF, firewall rules, rate limiting, DDoS protection, and IP access controls. Manage SSL/TLS certificates, load balancers, origin pools, and health monitors. Upload and deliver video content via Cloudflare Stream. Access traffic, DNS, and security analytics via GraphQL. Configure Zero Trust Access applications, Gateway policies, and Tunnel connections. Set up alerting and webhook notifications for security events, health checks, certificate status, and usage thresholds. Register and manage domains, account members, roles, and API tokens.

Auth 0

Manage users, roles, permissions, and identity provider connections for authentication and authorization. Create, read, update, and delete users across identity connections. Configure social, enterprise, and passwordless authentication methods. Assign roles and permissions using role-based access control (RBAC). Register and manage applications and API resource servers. Set up multi-factor authentication (MFA) including SMS, email, TOTP, and WebAuthn. Create organizations for multi-tenant B2B scenarios and invite members. Build custom serverless Actions for login, registration, and password change flows. Configure custom domains, email templates, branding, and attack protection. Import and export users in bulk. Retrieve authentication logs and audit events. Manage client grants and log streams for event delivery.

Okta

Manage identity and access management for organizations. Create, update, deactivate, and search users. Manage groups and group memberships. Assign users and groups to applications. Configure multi-factor authentication enrollment and verification. Create and manage OAuth 2.0 authorization servers, scopes, claims, and access policies. Set sign-on, password, and MFA enrollment policies. Query system logs for auditing and troubleshooting. Manage user sessions, devices, and inline hooks for customizing authentication flows. Supports webhooks for user authentication, lifecycle, group, application, policy, and security events.

Technical notes for Duo Security

Manage multi-factor authentication, users, devices, and access security. Create, read, update, and delete users, groups, phones, hardware tokens, and administrators. Perform two-factor authentication via Duo Push, phone call, SMS, hardware tokens, and WebAuthn/FIDO2. Manage Duo-protected applications and configure access policies by user group or application. Retrieve authentication logs, administrator action logs, and telephony logs. Read and update account settings, trigger directory syncs, and manage trusted endpoints. Supports MSP partner account management for creating and managing child Duo accounts.

Connect Duo Security to production AI agents

See how Metorial gives Duo Security access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Duo Security to AI agents with Metorial.

  1. Can Metorial connect Duo Security to AI agents?
    Yes. Metorial connects AI agents to Duo Security through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.