Setting Up an Duo Security REST Connection Manager

The REST Connection Manager is an SSIS connection manager that can be used to establish connections and facilitate data integration with REST based APIs and services such as Duo Security, among many more.

Integration for Duo Security is enabled by the following two components:

To add a new connection, right-click the Connection Manager area in your Visual Studio project, and choose "New Connection..." from the context menu. You will be prompted the "Add SSIS Connection Manager" window. Select the "REST (KingswaySoft)" item to add a new REST Connection Manager.

New SSIS Connection

Add SSIS REST Connection Manager

The REST Connection Manager contains 2 pages of configuration.

  • General
  • Advanced Settings

General page

The General page allows you to specify connection properties and login credentials for the Duo Security REST service:

Duo Security Connection manager.png

Service Name

The REST service that will be connected to.

API Throttle Rate

The API Throttling Rate will limit the number of requests that can be sent per second.

Integration Key

The API Username to use when accessing Duo Security service.

Secret Key

The Client Secret to use when accessing Duo Security service.

Test Connection

After all the connection information has been provided, you may click the "Test Connection" button to test if the user credentials entered can connect to the selected REST service.

Advanced Settings Page

The Advanced Settings page has some additional options that can be configured.

Duo Security Connection manager - Advanced Settings.png

Proxy Mode

The Proxy Mode option allows you to specify how you want to configure the proxy server setting. There are three options available:

  • No Proxy
  • Auto-detect (Using system-configured proxy)
  • Manual
Proxy Server

Using the Proxy Server option allows you to specify the name of the proxy server for the connection.

Port

The Port option allows you to specify the port number of the proxy server for the connection.

Username (Proxy Server Authentication)

The Username option (under Proxy Server Authentication) allows you to specify the proxy user account.

Password (Proxy Server Authentication)

The Password option (under Proxy Server Authentication) allows you to specify the proxy user's password.

Note: The Proxy Password is not included in the connection manager's ConnectionString property by default. This is by design for security reasons. However, you can include it in your ConnectionString if you want to parameterize your connection manager. The format would be ProxyPassword=myProxyPassword; (make sure you have a semicolon as the last character). It can be anywhere in the ConnectionString.

Timeout

The number of seconds requests should wait before timing out.

Retry on Intermittent Errors

The retry on intermittent errors option determines if requests will be retried when there is an error. If this option is checked, requests will be retried up to 3 times.

Ignore Certificate Errors

This option can be used to ignore those SSL certificate errors when connecting to Duo Security servers.

Warning: Enabling the "Ignore Certificate Errors" option is generally NOT recommended, particularly for production instances. Unless there is a strong reason to believe the connection is secure - such as the network communication is only happening in an internal infrastructure, this option should be unchecked for best security.