We tested this trigger implementation with a 'free' Duo account.
The credentials for contacting its authenticating server are listed in duo.json.
Note that the administrator of this account can change the secret key for the
account from the administrator's control panel, so if that happens the update
duo.json file will also need to be updated with this new key.