Once you set up your compliance program, Kintent TrustOps works to ensure that your systems remain compliant with your adopted controls. To do so, Kintent runs automated tests against systems in your product and business stack, and verifies that they are properly configured.
This document outlines the steps you can take to grant Kintent access to only read metadata about the configuration settings for your Duo account and Duo Users and workstations, so that TrustOps can validate and generate evidence for your compliance program.
Navigate to the Duo administrator console, and select Applications in the side navbar.
https://lh5.googleusercontent.com/LvjWzcPXOG7FVT4Dw7ZhtbFeAX46MZtDpa7R97Hs2HlhI2qgwaJxY7DVmZHyovZNpeccTQCHtXT3dR3vHBEFFxgWPYjsY5jxHJ72J3Fs3l7sLFp0ZHlkIteaiNpFBPaIZHS9OYfL
On the application page, click on Protect an Application.
https://lh4.googleusercontent.com/FKCi3RnbFvRdkkANvixNgHJZF7_Jm3nQthCR8hhJEAmD8O4hnUmBYZgLiWpTRUPqrB5yLvXLozugLM13tPyykk4w3a8A-A2QcHfXI6IWvs9LSpwuxcg3c_uqDPm8YAtOeMkD6_DN
Click the Protect button in the Duo Admin API row.
https://lh5.googleusercontent.com/aRrFURATZfwFl4actyxRw4Bd9SJiwsXv08MJzn0h0OVe7vbuyykU-TOepMadvHI2jeIppWKWkKU2Ulw-y77_-TwOr7enVJWS_whxXG0N91cs0rNWf7xaCsF5qjAe3gEYys8LzvJw
Once the previous step is complete, you will be redirected to the Admin API page. Copy the integration key, secret key, and API hostname.
Scroll down to the Permissions **section **and check the boxes next to the Grant read information and Grant read resource permissions.
https://lh5.googleusercontent.com/Q2rTj1jyWWR2Zm6xUurnF7VUC67oMoDdf2sy1t9n6UfPg9365ABf0ayGyTBV0k3KM5CEm0j1gmDahWk5pxK1R0hjUJdO1PNfxuwi0RCBSNbUHwOjn0dtXWvIgTBqVvRPtvwyXV18
Scroll to the bottom of the page and click Save Changes.
Input the information you copied in step 4 into TrustOps connection setup.