Sample code for 30+ languages & platforms
C#

Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Chilkat C# Downloads

C#
bool success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

string integrationKey = "DIMS3V5QDVG9J9ABRXC4";
string secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab";

Chilkat.Http http = new Chilkat.Http();

http.Accept = "application/json";

// Use your own hostname here:
string url = "https://api-a03782e1.duosecurity.com/auth/v2/auth";

// This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
// generate and send the HMAC signature for the requires based on the integration key and secret key.
http.Login = integrationKey;
http.Password = secretKey;

Chilkat.HttpRequest req = new Chilkat.HttpRequest();
req.AddParam("username","matt");
req.AddParam("factor","push");
// The device ID can be obtained from the preauth response.  See Duo Preauth Example
req.AddParam("device","DP6GYVTQ5NK82BMR851F");
// Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
req.AddParam("async","1");

req.HttpVerb = "POST";
req.ContentType = "application/x-www-form-urlencoded";

Chilkat.HttpResponse resp = new Chilkat.HttpResponse();
success = http.HttpReq(url,req,resp);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

Debug.WriteLine("status code = " + Convert.ToString(resp.StatusCode));

Chilkat.JsonObject json = new Chilkat.JsonObject();
success = json.Load(resp.BodyStr);
json.EmitCompact = false;
Debug.WriteLine(json.Emit());

if (resp.StatusCode != 200) {
    return;
}

// Sample successful output:

// status code = 200

// {
//   "stat": "OK",
//   "response": {
//     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
//   }
// }

string txid = json.StringOf("response.txid");

// Use your own hostname here:
Chilkat.StringBuilder sbUrl = new Chilkat.StringBuilder();
sbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=");
sbUrl.Append(txid);
string url = sbUrl.GetAsString();

Debug.WriteLine("Auth status URL: " + url);

Chilkat.StringBuilder sbResult = new Chilkat.StringBuilder();
string responseStatus;
string responseStatus_msg;

// Wait for a response...
int i = 0;
int maxWaitIterations = 100;
while (i < maxWaitIterations) {
    // Wait 3 seconds.
    http.SleepMs(3000);

    Debug.WriteLine("Polling...");

    success = http.HttpNoBody("GET",url,resp);
    if (success == false) {
        Debug.WriteLine(http.LastErrorText);
        return;
    }

    if (resp.StatusCode != 200) {
        Debug.WriteLine("error status code = " + Convert.ToString(resp.StatusCode));
        Debug.WriteLine(resp.BodyStr);
        Debug.WriteLine("Failed.");
        return;
    }

    // Sample response:

    // 	{
    // 	  "stat": "OK",
    // 	  "response": {
    // 	    "result": "waiting",
    // 	    "status": "pushed",
    // 	    "status_msg": "Pushed a login request to your phone..."
    // 	  }
    // 	}

    json.Load(resp.BodyStr);

    // The responseResult can be "allow", "deny", or "waiting"
    sbResult.Clear();
    json.StringOfSb("response.result",sbResult);
    responseStatus = json.StringOf("response.status");
    responseStatus_msg = json.StringOf("response.status_msg");

    Debug.WriteLine(sbResult.GetAsString());
    Debug.WriteLine(responseStatus);
    Debug.WriteLine(responseStatus_msg);
    Debug.WriteLine("");

    if (sbResult.ContentsEqual("waiting",true) == true) {
        i = i + 1;
    }
    else {
        // Force loop exit..
        i = maxWaitIterations;
    }

}

Debug.WriteLine("Finished.");