inline_hooks
Creates, updates, deletes, gets or lists an inline_hooks resource.
Overview
| Name | inline_hooks |
| Type | Resource |
| Id | okta.inlinehooks.inline_hooks |
Fields
The following fields are returned by SELECT queries:
- list_inline_hooks
- get_inline_hook
| Name | Datatype | Description |
|---|---|---|
id | string | The unique identifier for the inline hook |
name | string | The display name of the inline hook |
_links | object | Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations. |
channel | object | |
created | string (date-time) | Date of the inline hook creation |
lastUpdated | string (date-time) | Date of the last inline hook update |
status | string | |
type | string | One of the inline hook types |
version | string | Version of the inline hook type. The currently supported version is 1.0.0. |
| Name | Datatype | Description |
|---|---|---|
id | string | The unique identifier for the inline hook |
name | string | The display name of the inline hook |
_links | object | Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations. |
channel | object | |
created | string (date-time) | Date of the inline hook creation |
lastUpdated | string (date-time) | Date of the last inline hook update |
status | string | |
type | string | One of the inline hook types |
version | string | Version of the inline hook type. The currently supported version is 1.0.0. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list_inline_hooks | select | subdomain | type | Lists all inline hooks or all inline hooks of a specific type. When listing a specific inline hook, you need to specify its type. The following types are currently supported: | Type Value | Name | |------------------------------------|----------------------------------------------------------------| | com.okta.import.transform | User import inline hook || com.okta.oauth2.tokens.transform | Token inline hook || com.okta.saml.tokens.transform | SAML assertion inline hook || com.okta.telephony.provider | Telephony inline hook || com.okta.user.credential.password.import | Password import inline hook|| com.okta.user.pre-registration | Registration inline hook | |
get_inline_hook | select | subdomain | Retrieves an inline hook by inlineHookId | |
create_inline_hook | insert | subdomain | Creates an inline hook This endpoint creates an inline hook for your org in an ACTIVE status. You need to pass an inline hooks object in the JSON payload of your request. That object represents the set of required information about the inline hook that you're registering, including: * The URI of your external service endpoint * The type of inline hook you're registering * The type of authentication you're registering There are two authentication options that you can configure for your inline hook: HTTP headers and OAuth 2.0 tokens. HTTP headers let you specify a secret API key that you want Okta to pass to your external service endpoint (so that your external service can check for its presence as a security measure). >Note: The API key that you set here is unrelated to the Okta API token you must supply when making calls to Okta APIs. You can also optionally specify extra headers that you want Okta to pass to your external service with each call. To configure HTTP header authentication, see parameters for the config object.OAuth 2.0 tokens provide enhanced security between Okta and your external service. You can configure these tokens for the following types—client secret and private key. >Note: Your external service's endpoint needs to be a valid HTTPS endpoint. The URI you specify should always begin with https://.The total number of inline hooks that you can create in an Okta org is limited to 50, which is a combined total for any combination of inline hook types. | |
update_inline_hook | update | subdomain | Updates an inline hook by inlineHookId | |
replace_inline_hook | replace | subdomain | Replaces an inline hook by inlineHookId. The submitted inline hook properties replace the existing properties after passing validation.>Note: Some properties are immutable and can't be updated. | |
delete_inline_hook | delete | subdomain | Deletes an inline hook by inlineHookId. After it's deleted, the inline hook is unrecoverable. As a safety precaution, only inline hooks with a status of INACTIVE are eligible for deletion. | |
execute_inline_hook | exec | subdomain | Executes the inline hook that matches the provided inlineHookId by using the request body as the input. This inline hook sends the provided data through the channel object and returns a response if it matches the correct data contract. Otherwise it returns an error. You need to construct a JSON payload that matches the payloads that Okta would send to your external service for this inline hook type. A timeout of three seconds is enforced on all outbound requests, with one retry in the event of a timeout or an error response from the remote system. If a successful response isn't received after the request, a 400 error is returned with more information about what failed. >Note: This execution endpoint isn't tied to any other functionality in Okta, and you should only use it for testing purposes. | |
activate_inline_hook | exec | subdomain | Activates the inline hook by inlineHookId | |
deactivate_inline_hook | exec | subdomain | Deactivates the inline hook by inlineHookId |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
subdomain | string | The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org) |
type | string | One of the supported inline hook types |
SELECT examples
- list_inline_hooks
- get_inline_hook
Lists all inline hooks or all inline hooks of a specific type.
When listing a specific inline hook, you need to specify its type. The following types are currently supported:
| Type Value | Name |
|------------------------------------|----------------------------------------------------------------|
| com.okta.import.transform | User import inline hook |
| com.okta.oauth2.tokens.transform | Token inline hook |
| com.okta.saml.tokens.transform | SAML assertion inline hook |
| com.okta.telephony.provider | Telephony inline hook |
| com.okta.user.credential.password.import | Password import inline hook|
| com.okta.user.pre-registration | Registration inline hook |
SELECT
id,
name,
_links,
channel,
created,
lastUpdated,
status,
type,
version
FROM okta.inlinehooks.inline_hooks
WHERE subdomain = '{{ subdomain }}' -- required
AND type = '{{ type }}'
;
Retrieves an inline hook by inlineHookId
SELECT
id,
name,
_links,
channel,
created,
lastUpdated,
status,
type,
version
FROM okta.inlinehooks.inline_hooks
WHERE subdomain = '{{ subdomain }}' -- required
;
INSERT examples
- create_inline_hook
- Manifest
Creates an inline hook
This endpoint creates an inline hook for your org in an ACTIVE status. You need to pass an inline hooks object in the JSON payload of your request.
That object represents the set of required information about the inline hook that you're registering, including:
* The URI of your external service endpoint
* The type of inline hook you're registering
* The type of authentication you're registering
There are two authentication options that you can configure for your inline hook: HTTP headers and OAuth 2.0 tokens.
HTTP headers let you specify a secret API key that you want Okta to pass to your external service endpoint (so that your external service can check for its presence as a security measure).
>Note: The API key that you set here is unrelated to the Okta API token you must supply when making calls to Okta APIs.
You can also optionally specify extra headers that you want Okta to pass to your external service with each call.
To configure HTTP header authentication, see parameters for the config object.
OAuth 2.0 tokens provide enhanced security between Okta and your external service. You can configure these tokens for the following types—client secret and private key.
>Note: Your external service's endpoint needs to be a valid HTTPS endpoint. The URI you specify should always begin with https://.
The total number of inline hooks that you can create in an Okta org is limited to 50, which is a combined total for any combination of inline hook types.
INSERT INTO okta.inlinehooks.inline_hooks (
data__channel,
data__name,
data__type,
data__version,
subdomain
)
SELECT
'{{ channel }}',
'{{ name }}',
'{{ type }}',
'{{ version }}',
'{{ subdomain }}'
RETURNING
id,
name,
_links,
channel,
created,
lastUpdated,
status,
type,
version
;
# Description fields are for documentation purposes
- name: inline_hooks
props:
- name: subdomain
value: string
description: Required parameter for the inline_hooks resource.
- name: channel
value: object
- name: name
value: string
description: >
The display name of the inline hook
- name: type
value: string
description: >
One of the inline hook types
valid_values: ['com.okta.import.transform', 'com.okta.oauth2.tokens.transform', 'com.okta.saml.tokens.transform', 'com.okta.telephony.provider', 'com.okta.user.credential.password.import', 'com.okta.user.pre-registration']
- name: version
value: string
description: >
Version of the inline hook type. The currently supported version is `1.0.0`.
UPDATE examples
- update_inline_hook
Updates an inline hook by inlineHookId
UPDATE okta.inlinehooks.inline_hooks
SET
data__channel = '{{ channel }}',
data__name = '{{ name }}',
data__version = '{{ version }}'
WHERE
subdomain = '{{ subdomain }}' --required
RETURNING
id,
name,
_links,
channel,
created,
lastUpdated,
status,
type,
version
;
REPLACE examples
- replace_inline_hook
Replaces an inline hook by inlineHookId. The submitted inline hook properties replace the existing properties after passing validation.
>Note: Some properties are immutable and can't be updated.
REPLACE okta.inlinehooks.inline_hooks
SET
data__channel = '{{ channel }}',
data__name = '{{ name }}',
data__version = '{{ version }}'
WHERE
subdomain = '{{ subdomain }}' --required
RETURNING
id,
name,
_links,
channel,
created,
lastUpdated,
status,
type,
version
;
DELETE examples
- delete_inline_hook
Deletes an inline hook by inlineHookId. After it's deleted, the inline hook is unrecoverable. As a safety precaution, only inline hooks with a status of INACTIVE are eligible for deletion.
DELETE FROM okta.inlinehooks.inline_hooks
WHERE subdomain = '{{ subdomain }}' --required
;
Lifecycle Methods
- execute_inline_hook
- activate_inline_hook
- deactivate_inline_hook
Executes the inline hook that matches the provided inlineHookId by using the request body as the input. This inline hook sends the provided
data through the channel object and returns a response if it matches the correct data contract. Otherwise it returns an error. You need to
construct a JSON payload that matches the payloads that Okta would send to your external service for this inline hook type.
A timeout of three seconds is enforced on all outbound requests, with one retry in the event of a timeout or an error response from the remote system.
If a successful response isn't received after the request, a 400 error is returned with more information about what failed.
>Note: This execution endpoint isn't tied to any other functionality in Okta, and you should only use it for testing purposes.
EXEC okta.inlinehooks.inline_hooks.execute_inline_hook
@subdomain='{{ subdomain }}' --required
;
Activates the inline hook by inlineHookId
EXEC okta.inlinehooks.inline_hooks.activate_inline_hook
@subdomain='{{ subdomain }}' --required
;
Deactivates the inline hook by inlineHookId
EXEC okta.inlinehooks.inline_hooks.deactivate_inline_hook
@subdomain='{{ subdomain }}' --required
;