Sample code for 30+ languages & platforms
Unicode C++

Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkHttpW.h>
#include <CkHttpRequestW.h>
#include <CkHttpResponseW.h>
#include <CkJsonObjectW.h>
#include <CkStringBuilderW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    const wchar_t *integrationKey = L"DIMS3V5QDVG9J9ABRXC4";
    const wchar_t *secretKey = L"HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab";

    CkHttpW http;

    http.put_Accept(L"application/json");

    // Use your own hostname here:
    const wchar_t *url = L"https://api-a03782e1.duosecurity.com/auth/v2/auth";

    // This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
    // generate and send the HMAC signature for the requires based on the integration key and secret key.
    http.put_Login(integrationKey);
    http.put_Password(secretKey);

    CkHttpRequestW req;
    req.AddParam(L"username",L"matt");
    req.AddParam(L"factor",L"push");
    // The device ID can be obtained from the preauth response.  See Duo Preauth Example
    req.AddParam(L"device",L"DP6GYVTQ5NK82BMR851F");
    // Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
    req.AddParam(L"async",L"1");

    req.put_HttpVerb(L"POST");
    req.put_ContentType(L"application/x-www-form-urlencoded");

    CkHttpResponseW resp;
    success = http.HttpReq(url,req,resp);
    if (success == false) {
        wprintf(L"%s\n",http.lastErrorText());
        return;
    }

    wprintf(L"status code = %d\n",resp.get_StatusCode());

    CkJsonObjectW json;
    success = json.Load(resp.bodyStr());
    json.put_EmitCompact(false);
    wprintf(L"%s\n",json.emit());

    if (resp.get_StatusCode() != 200) {
        return;
    }

    // Sample successful output:

    // status code = 200

    // {
    //   "stat": "OK",
    //   "response": {
    //     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
    //   }
    // }

    const wchar_t *txid = json.stringOf(L"response.txid");

    // Use your own hostname here:
    CkStringBuilderW sbUrl;
    sbUrl.Append(L"https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=");
    sbUrl.Append(txid);
    const wchar_t *url = sbUrl.getAsString();

    wprintf(L"Auth status URL: %s\n",url);

    CkStringBuilderW sbResult;
    const wchar_t *responseStatus = 0;
    const wchar_t *responseStatus_msg = 0;

    // Wait for a response...
    int i = 0;
    int maxWaitIterations = 100;
    while (i < maxWaitIterations) {
        // Wait 3 seconds.
        http.SleepMs(3000);

        wprintf(L"Polling...\n");

        success = http.HttpNoBody(L"GET",url,resp);
        if (success == false) {
            wprintf(L"%s\n",http.lastErrorText());
            return;
        }

        if (resp.get_StatusCode() != 200) {
            wprintf(L"error status code = %d\n",resp.get_StatusCode());
            wprintf(L"%s\n",resp.bodyStr());
            wprintf(L"Failed.\n");
            return;
        }

        // Sample response:

        // 	{
        // 	  "stat": "OK",
        // 	  "response": {
        // 	    "result": "waiting",
        // 	    "status": "pushed",
        // 	    "status_msg": "Pushed a login request to your phone..."
        // 	  }
        // 	}

        json.Load(resp.bodyStr());

        // The responseResult can be "allow", "deny", or "waiting"
        sbResult.Clear();
        json.StringOfSb(L"response.result",sbResult);
        responseStatus = json.stringOf(L"response.status");
        responseStatus_msg = json.stringOf(L"response.status_msg");

        wprintf(L"%s\n",sbResult.getAsString());
        wprintf(L"%s\n",responseStatus);
        wprintf(L"%s\n",responseStatus_msg);
        wprintf(L"\n");

        if (sbResult.ContentsEqual(L"waiting",true) == true) {
            i = i + 1;
        }
        else {
            // Force loop exit..
            i = maxWaitIterations;
        }

    }

    wprintf(L"Finished.\n");
    }