How often will you be adding trusted device IDs, and how many people will you have doing it? If it's infrequent it may be preferable to add them via the Duo Admin Panel instead of proliferating the API credentials across different systems so people can do it programatically. Any API post is going to have to comply with Duo's signing requirements, which relies on having the API integration secret key locally on the system making the request so it can create the HMAC signature for the request.

I know there is a third-party PowerShell Duo API client: https://github.com/mbegan/Duo-PSModule. I've tested it out a few times before for other API operations. Looks like it hasn't been updated for a few years, and so it doesn't have functions for device ID management. You could add them though if you were very interested in using PowerShell for this.

Usually if I am not using the Python script we provide + CSV (even sometimes a CSV file containing a single device ID) to test this from CLI then I am using our Python API client directly for the POST, or sometimes Postman (making sure I have a working pre-request script for the signing). Caution as I remember there being a third-party Duo Postman workspace that didn't format the request correctly.

Generally we recommend using one of the API clients from the duosecurity GitHub org, or the Python script.