02-15-2023 08:52 AM
For security reasons, we want hardware tokens to be used to connect to AWS Workspaces instead of DUO mobile.
We currently have a RADIUS server in place and configured Amazon Workspaces MFA to use Duo. However, when logging into workspaces we cannot connect using Duo hardware token to authenticate the user but this works fine with Duo mobile
Can anyone advise on this
02-19-2023 01:57 PM
Hi gjohnson,
Hardware tokens either Duo Branded, or generic HOTP/TOTP should indeed work with the AWS Duo integration documented below:
First the tokens will need to be associated with users.
I would recommend ensuring the hardware token authentication method is also enabled in your policies to ensure the token method is actually allowed:
Duo Mobile generated passcodes and Duo Hardware Token passcodes are HOTP codes.
They do not require to be manually refreshed.
If they are manually refreshed too often they can become out of sync causing failed authentications and may need to be resynced.
Please see the article below for further details on resyncing HOTP passcodes for Duo Mobile or a hardware token:
https://help.duo.com/s/article/2240
If the issue persists, I recommend you reach out to Duo Support for assistance and be sure to follow through the steps and provide the Support Tool output as per the article below:
https://help.duo.com/s/article/7680
03-01-2023 04:45 AM
Hi raphka,
Thanks for getting back to me
The authentication issue I’m experiencing is specific to AWS Workspaces
The policy and control Administration has Hardware tokens enabled so ideally the registered Digipass Go 6 token should work
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide