Error 403 message seen during API testing in DUO even though valid credentials were provided. Does wrong integration type mean i need a new key?

Question

I used the following API in postman with integration key, client secret from the Admin API application but no luck. GET: https://api-123abc.duosecurity.com/auth/v2/check Furthermore,

1. I used basic auth for authorization
2. Integration key for username and created the password via
   https://www.freeformatter.com/hmac-generator.html#ad-output (used
   integration key for string and client secret from the duo UI)

I used the following headers:

Authorization:Basic
Integration-key:Secret-key
Date:Fri, 20 May 2022 02:26:39 +0000
Content-Type:application/x-www-form-urlencoded

Besides this I used the code

btoa('integration key:secret key')

to generate authentication code but it still gives the following error

{
    "code": 40301,
    "message": "Access forbidden",
    "message_detail": "Wrong integration type for this API.",
    "stat": "FAIL"
}

Answer 1

• Add Postman PreRequest script
• update/replace integration and secret keys in below script
• follow docs

const cannon = [
    new Date().toUTCString(),
    pm.request.method,
    pm.request.url.host.join('.'),
    '/'+pm.request.url.path.join('/'),
];


if (pm.request.body.urlencoded){
    cannon.push(pm.request.body.urlencoded);
}

function hmacSign(cannon, integrationKey, secretKey){
    const message = cannon.join("\n");
    console.log(message);
    var hmac =  CryptoJS.HmacSHA1(message, secretKey)
    return btoa(`${integrationKey}:${hmac}`)
}



const sign = hmacSign(cannon, "DIWJ8X6AEYOR5OMC6TQ1", "Zh5eGmUq9zpfQnyUIu5OL9iWoMMv5ZNmk3zLJ4Ep")

pm.request.headers.add({
    key: "authorization",
    value: sign
});