From 2b5e5121e12331ba40bcd545d8f2178ab3989e11 Mon Sep 17 00:00:00 2001
From: Hamid Ghaf <83242695+hghaf099@users.noreply.github.com>
Date: Tue, 24 Jan 2023 17:28:59 -0500
Subject: [PATCH] Provide IP Address in Duo Request (#18811)

* Provide IP Address in Duo Request

* CL
---
 changelog/18811.txt | 3 +++
 vault/login_mfa.go  | 1 +
 2 files changed, 4 insertions(+)
 create mode 100644 changelog/18811.txt

diff --git a/changelog/18811.txt b/changelog/18811.txt
new file mode 100644
index 000000000..34a155dda
--- /dev/null
+++ b/changelog/18811.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+auth: Provide an IP address of the requests from Vault to a Duo challenge after successful authentication.
+```
diff --git a/vault/login_mfa.go b/vault/login_mfa.go
index c98389225..2a7ac6c19 100644
--- a/vault/login_mfa.go
+++ b/vault/login_mfa.go
@@ -1951,6 +1951,7 @@ func (c *Core) validateDuo(ctx context.Context, mfaFactors *MFAFactor, mConfig *
 		}
 	}
 
+	options = append(options, authapi.AuthIpAddr(reqConnectionRemoteAddr))
 	options = append(options, authapi.AuthUsername(username))
 	options = append(options, authapi.AuthAsync())