/bolt.new-ai-integrations

Bolt.new AI and Duo Security integration: Step-by-Step Guide 2025

Integrate Bolt.new AI with Duo Security using our step-by-step guide. Secure access, boost authentication, and enhance your system security today!

Book a free  consultation
Matt Graham, CEO of Rapid Developers

Book a call with an Expert

Starting a new venture? Need to upgrade your web app? RapidDev builds application with your growth in mind.

Book a free No-Code consultation

How to integrate Bolt.new AI with Duo Security?

 

Configuring Duo Security Credentials

 

Create a file named config.ts in your project’s root (or configuration folder) and add your Duo Security settings. Replace the placeholder values with your actual Duo keys and host information.


export const DUO_CONFIG = {
  integrationKey: 'YOURDUOINTEGRATION_KEY',
  secretKey: 'YOURDUOSECRET_KEY',
  apiHost: 'api-XXXXXXXX.duosecurity.com',
  applicationKey: 'ARANDOMAPPLICATION_KEY' // Used for signing requests; generate a strong secret value
};

 

Adding the Duo Security Helper Functions

 

Since Bolt.new AI does not support terminal installations, manually create a file named duo_web.ts in your project to handle Duo signature creation and verification. This simplified example mimics Duo’s signing process. In production, replace these functions with proper cryptographic implementations.


import { DUO_CONFIG } from './config';


export function signRequest(username: string): string {
    // Constructs a dummy signed request string based on Duo guidelines.
    const requestData = ${DUO_CONFIG.integrationKey}:${username};
    // Create signature using secretKey; here using btoa for demonstration.
    // Replace with a proper HMAC signing mechanism in production.
    return btoa(requestData + ':' + DUO_CONFIG.secretKey);
}


export function verifyResponse(sigResponse: string): string | null {
    // Verifies the Duo response.
    try {
        const decoded = atob(sigResponse);
        const parts = decoded.split(':');
        if (parts && parts.length >= 2) {
            // Return the username if signature format is correct.
            return parts[1];
        }
    } catch(e) {
        console.error('Duo signature verification failed', e);
    }
    return null;
}

 

Integrating Duo Authentication in Your Login Flow

 

Create or modify an authentication file (for example, auth.ts) to include Duo integration. Import the helper functions from duo_web.ts and use them in your login flow to initiate Duo authentication and verify user responses.


import { signRequest, verifyResponse } from './duo_web';


// Function to initiate the Duo authentication process
export function initiateDuoAuth(username: string): string {
  // Generate the signed Duo authentication request signature.
  const duoSigRequest = signRequest(username);
  // This signature should be embedded in your Duo iframe on the frontend.
  return duoSigRequest;
}


// Function to handle and verify the Duo response from the frontend.
export function handleDuoResponse(duoSigResponse: string): string {
  const username = verifyResponse(duoSigResponse);
  if (username) {
    // If successful, continue with your normal login logic.
    return User ${username} authenticated successfully.;
  } else {
    // Handle failed authentication.
    return 'Duo Authentication failed.';
  }
}

 

Modifying Your Frontend to Include the Duo Prompt

 

In your login page file (for example, login.tsx), embed the Duo iframe using the signature generated from your backend. This will display Duo’s authentication widget to the user.


// Ensure you have a container element (e.g., a div with id="duo-container")
// where the Duo iframe will be inserted.


const duoSigRequest = 'REPLACEWITHFETCHEDDUOSIGREQUESTFROM_BACKEND'; // Fetch this using initiateDuoAuth


const duoFrameHTML =   <iframe id="duo_iframe"     style="width:100%; height:500px;"     frameborder="0"     src="https://${DUOCONFIG.apiHost}/frame/web/v1/auth?duosig_request=${encodeURIComponent(duoSigRequest)}">   </iframe>;


// Render the Duo iframe inside a container element on your page.
document.getElementById('duo-container')!.innerHTML = duoFrameHTML;

 

Handling Duo Response on the Frontend

 

After the user interacts with Duo’s widget, capture the response value and post it back to your backend verification endpoint. Add the following snippet to your login page code (for example, in login.tsx).


// Assume there is an input field with id="duo-response" that receives the Duo response,
// and a button with id="duo-submit" to submit the authentication response.


document.getElementById('duo-submit')!.addEventListener('click', function() {
  const duoResponse = (document.getElementById('duo-response') as HTMLInputElement).value;


  // In a real application, post this response to your backend endpoint.
  // Here, we simulate the process by directly calling handleDuoResponse.
  // Import handleDuoResponse in the frontend code if using a shared module or via an API call.
  const result = handleDuoResponse(duoResponse);
  alert(result);
});

 

Finalizing the Integration in Your Bolt.new AI Project

 

Ensure your project structure includes the newly created files:


// File structure example:
// /config.ts        - Contains Duo Security configurations
// /duo_web.ts       - Contains Duo helper functions for signing and verifying requests
// /auth.ts          - Contains backend functions for initiating Duo authentication and handling responses
// /login.tsx        - Frontend login page that integrates the Duo iframe and response handling

No terminal commands are needed as all dependencies and integrations are managed via code files.

Want to explore opportunities to work with us?

Connect with our team to unlock the full potential of no-code solutions with a no-commitment consultation!

Book a Free Consultation

Client trust and success are our top priorities

When it comes to serving you, we sweat the little things. That’s why our work makes a big impact.

Rapid Dev was an exceptional project management organization and the best development collaborators I've had the pleasure of working with. They do complex work on extremely fast timelines and effectively manage the testing and pre-launch process to deliver the best possible product. I'm extremely impressed with their execution ability.

CPO, Praction - Arkady Sokolov

May 2, 2023

Working with Matt was comparable to having another co-founder on the team, but without the commitment or cost. He has a strategic mindset and willing to change the scope of the project in real time based on the needs of the client. A true strategic thought partner!

Co-Founder, Arc - Donald Muir

Dec 27, 2022

Rapid Dev are 10/10, excellent communicators - the best I've ever encountered in the tech dev space. They always go the extra mile, they genuinely care, they respond quickly, they're flexible, adaptable and their enthusiasm is amazing.

Co-CEO, Grantify - Mat Westergreen-Thorne

Oct 15, 2022

Rapid Dev is an excellent developer for no-code and low-code solutions.
We’ve had great success since launching the platform in November 2023. In a few months, we’ve gained over 1,000 new active users. We’ve also secured several dozen bookings on the platform and seen about 70% new user month-over-month growth since the launch.

Co-Founder, Church Real Estate Marketplace - Emmanuel Brown

May 1, 2024 

Matt’s dedication to executing our vision and his commitment to the project deadline were impressive. 
This was such a specific project, and Matt really delivered. We worked with a really fast turnaround, and he always delivered. The site was a perfect prop for us!

Production Manager, Media Production Company - Samantha Fekete

Sep 23, 2022