Create User

Create a new user in Duo Security Admin.

Input

Field Definition Type Required

User

Username

User's primary Duo username.

Text

TRUE

First Name

User's first name.

Text

FALSE

Last Name

User's last name.

Text

FALSE

Full Name

User's full name.

Text

FALSE

Email

User's email address.

Text

FALSE

Status

User's Duo status:

  • active - user must complete secondary authentication
  • bypass - user will bypass secondary authentication after completing primary authentication
  • disabled - user will not be able to log in

Dropdown

FALSE

Alias 1

Additional username alias.

Text

FALSE

Alias 2

Additional username alias.

Text

FALSE

Alias 3

Additional username alias.

Text

FALSE

Alias 4

Additional username alias.

Text

FALSE

Notes

Free text field for additional user information.

Text

FALSE

Output

Field Definition Type

User

User ID

Unique identifier of the user.

Text

Username

User's primary Duo username.

Text

First Name

User's first name.

Text

Last Name

User's last name.

Text

Full Name

User's full name.

Text

Email

User's email address.

Text

Alias 1

Additional username alias.

Text

Alias 2

Additional username alias.

Text

Alias 3

Additional username alias.

Text

Alias 4

Additional username alias.

Text

Created

Date and time when the object was created.

Text

Groups

Name

Name of the group.

Text

ID

Group's ID.

Text

Description

Group's description.

Text

Status

Group's authentication status; active, bypass, or disabled.

Text

Mobile OTP Enabled?

If true, users in the group will be able to authenticate with a passcode generated by Duo Mobile; if false, users in the group will not be able to authenticate with a passcode generated by Duo Mobile.

This setting has no effect if Duo Mobile passcodes are disabled globally.

Text

Push Enabled?

If true, users in the group will be able to use Duo Push to authenticate; if false, users in the group will not be able to use Duo Push to authenticate.

This setting has no effect if Duo Push is disabled globally.

Text

SMS Enabled?

If true, users in the group will be able to use SMS passcodes to authenticate; if false, users in the group will not be able to use SMS passcodes to authenticate.

This setting has no effect if SMS passcodes are disabled globally.

Text

Voice Enabled?

If true, users in the group will be able to authenticate with a voice callback; if false, users in the group will not be able to authenticate with a voice callback.

This setting has no effect if voice callback is disabled globally.

Text

Is Enrolled?

If true, the user has a phone, hardware token, U2F token, or security key available for authentication; otherwise, false.

Text

Last Directory Sync

Time stamp of the last update to the user via directory sync, or null if the user has never synced with an external directory or if the directory that originally created the user has been deleted from Duo.

Text

Last Login

Last time this user logged in, as a UNIX timestamp, or null if the user has not logged in.

Text

Status

User's status:

  • active - user must complete secondary authentication
  • bypass - user will bypass secondary authentication after completing primary authentication
  • disabled - user will not be able to log in
  • locked out - user has been automatically locked out due to excessive authentication attempts
  • pending deletion - user was marked for deletion by a Duo admin from the Admin Panel, by the system for inactivity, or by directory sync; if not restored within seven days, the user is permanently deleted.

Text

Phones

Activated?

Indicates whether a phone has been activated for Duo Mobile; either true or false.

Text

Capabilities

List of factors that can be used with the device. This includes any of:

  • push - device is activated for Duo Push
  • phone - device can receive phone calls
  • sms - device can receive batches of SMS passcodes
  • mobile_otp - device can generate passcodes with Duo Mobile

Text

Encrypted

Encryption status of an Android or iOS device file system; one of Encrypted, Unencrypted, or Unknown; blank for other platforms.

Text

Extension

Phone extension.

Text

Fingerprint

Indicates whether an Android or iOS phone is configured for biometric verification; one of Configured, Disabled, or Unknown; blank for other platforms.

Text

Last Seen

Time stamp of the last contact between Duo's service and the activated Duo Mobile app installed on the phone; blank if the device has never activated Duo Mobile or if the platform does not support it.

Text

Model

Phone's model.

Text

Name

Phone's label.

Text

Number

Phone number.

Text

Phone ID

Phone's ID.

Text

Platform

Phone platform; one of unknown, google android, apple ios, windows phone 7, rim blackberry, java j2me, palm webos, symbian os, windows mobile, or generic smartphone.

Text

Postdelay

Time (in seconds) to wait after the extension is dialed and before the speaking the prompt.

Text

Predelay

Time (in seconds) to wait after the number picks up and before dialing the extension.

Text

Screenlock

Indicates whether screen lock is enabled on an Android or iOS phone; one of Locked, Unlocked, or Unknown; blank for other platforms.

Text

SMS Passcode Sent?

Indicates whether SMS passcodes have been sent to the phone; either true or false.

Text

Tampered

Indicates whether an iOS or Android device is jailbroken or rooted; one of Not Tampered, Tampered, or Unknown; blank for other platforms.

Text

Type

Type of phone; one of unknown, mobile, or landline.

Text

Tokens

Token ID

Hardware token's unique identifier.

Text

Type

Type of hardware token.

Text

Serial

Serial number of the hardware token, used to uniquely identify the hardware token when paired with type.

Text

TOTP Step

Null for all supported token types.

Text

U2F Tokens

Date Added

Date the U2F token was registered in Duo.

Text

Registration ID

U2F token's registration identifier.

Text

WebAuthn Credentials

Credential Name

Label for the WebAuthn credential.

Text

Date Added

Date the WebAuthn credential was registered in Duo.

Text

Label

Indicates the type of WebAuthn credential; either Security Key or Touch ID.

Text

WebAuthn Key

WebAuthn credential's registration identifier.

Text

Notes

Additional user information.

Text

Related topics

Duo Security Admin connector

Workflow elements

Duo Security Admin documentation