List users for all Child accounts via Accounts API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-22-2021 10:12 AM
We are trying to list the users from all of our Child accounts using the Accounts API. The documentation is very sparse for accessing child accounts, it just says to use the Accounts API and append account_id=[enter the accountid] to the end of an API call. However, it isn’t working. I’ve tried using both the Accounts API keypair or the Admin api keypair, but both respond with an error that the signature is wrong. When making requests without the account_id, it works just fine.
Has anyone had experience with accessing child accounts programmatically?
We are using PowerShell for our API calls, but I can parse through Python or Perl if you have examples.
- Labels:
-
Admin APIs

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2021 12:54 PM
Like this…
- Create the Accounts API integration in the parent.
- Find the target child’s account ID with a post to /accounts/v1/accounts/list (or poke around in the Admin Panel > Accounts page)
- the admin api GET request is like
https://parent.duosecurity.com/admin/v1/users?account_id=THECHILDACCOUNTIDX
and uses the ikey/skey from the Accounts API integration created in step 1.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-11-2022 02:14 PM
Sorry to bump this thread but I have the exact same problem. The solution as is posted by DuoKristina simply does not work for me.
When using the admin API with the ApiKey and Secret from the Accounts API I get an error:
Invalid signature in request credentials
Seperately the credentials work fine for all /account api calls. As do the key and secret for the admin API.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2022 04:56 AM
I got this working by making sure that the child account ID was hashed into the authentication request. I’m using PowerShell, and the New-DuoRequest module found here duo/new-duoRequest.ps1 at master · StarkCaptain/duo · GitHub.
My request looks like this:
New-DuoRequest -apiHost "api-parent.duosecurity.co" -apiEndpoint "/admin/v1/users" -requestMethod "GET" -apiSecret "parentsecret" -apiKey "Parentkey" -requestparams @{account_id = "childAccountID"}
Hopefully that helps!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2022 05:13 AM
Thank you very much!!! This was the solution. I tried passing the account_id as an extra header but it has to be in the body.
