Sample code for 30+ languages & platforms
VBScript

Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Chilkat VBScript Downloads

VBScript
Dim fso, outFile
Set fso = CreateObject("Scripting.FileSystemObject")
'Create a Unicode (utf-16) output text file.
Set outFile = fso.CreateTextFile("output.txt", True, True)

success = 0

' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

integrationKey = "DIMS3V5QDVG9J9ABRXC4"
secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab"

set http = CreateObject("Chilkat.Http")

http.Accept = "application/json"

' Use your own hostname here:
url = "https://api-a03782e1.duosecurity.com/auth/v2/auth"

' This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
' generate and send the HMAC signature for the requires based on the integration key and secret key.
http.Login = integrationKey
http.Password = secretKey

set req = CreateObject("Chilkat.HttpRequest")
req.AddParam "username","matt"
req.AddParam "factor","push"
' The device ID can be obtained from the preauth response.  See Duo Preauth Example
req.AddParam "device","DP6GYVTQ5NK82BMR851F"
' Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
req.AddParam "async","1"

req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

set resp = CreateObject("Chilkat.HttpResponse")
success = http.HttpReq(url,req,resp)
If (success = 0) Then
    outFile.WriteLine(http.LastErrorText)
    WScript.Quit
End If

outFile.WriteLine("status code = " & resp.StatusCode)

set json = CreateObject("Chilkat.JsonObject")
success = json.Load(resp.BodyStr)
json.EmitCompact = 0
outFile.WriteLine(json.Emit())

If (resp.StatusCode <> 200) Then
    WScript.Quit
End If

' Sample successful output:

' status code = 200

' {
'   "stat": "OK",
'   "response": {
'     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
'   }
' }

txid = json.StringOf("response.txid")

' Use your own hostname here:
set sbUrl = CreateObject("Chilkat.StringBuilder")
success = sbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=")
success = sbUrl.Append(txid)
url = sbUrl.GetAsString()

outFile.WriteLine("Auth status URL: " & url)

set sbResult = CreateObject("Chilkat.StringBuilder")

' Wait for a response...
i = 0
maxWaitIterations = 100
Do While i < maxWaitIterations
    ' Wait 3 seconds.
    http.SleepMs 3000

    outFile.WriteLine("Polling...")

    success = http.HttpNoBody("GET",url,resp)
    If (success = 0) Then
        outFile.WriteLine(http.LastErrorText)
        WScript.Quit
    End If

    If (resp.StatusCode <> 200) Then
        outFile.WriteLine("error status code = " & resp.StatusCode)
        outFile.WriteLine(resp.BodyStr)
        outFile.WriteLine("Failed.")
        WScript.Quit
    End If

    ' Sample response:

    ' 	{
    ' 	  "stat": "OK",
    ' 	  "response": {
    ' 	    "result": "waiting",
    ' 	    "status": "pushed",
    ' 	    "status_msg": "Pushed a login request to your phone..."
    ' 	  }
    ' 	}

    success = json.Load(resp.BodyStr)

    ' The responseResult can be "allow", "deny", or "waiting"
    sbResult.Clear 
    success = json.StringOfSb("response.result",sbResult)
    responseStatus = json.StringOf("response.status")
    responseStatus_msg = json.StringOf("response.status_msg")

    outFile.WriteLine(sbResult.GetAsString())
    outFile.WriteLine(responseStatus)
    outFile.WriteLine(responseStatus_msg)
    outFile.WriteLine("")

    If (sbResult.ContentsEqual("waiting",1) = 1) Then
        i = i + 1
    Else
        ' Force loop exit..
        i = maxWaitIterations
    End If

Loop

outFile.WriteLine("Finished.")

outFile.Close