Create an event hook
Event hooks now include filtering support and a new creation flow. These are Beta features. See Beta Programs.
A maximum of 10 event hook are allowed for each org.
- In the Admin Console, go to .
- Click Create Event Hook.
- Complete these fields:
- Endpoint URL: Enter the external service's endpoint URL where the event hook sends the request. Workflows API URLs don't need to be verified.
- Event Hook name: Enter a unique name for the event hook.
- Description: Optional. Enter the purpose and a description of the event hook.
- Optional. For enhanced security and to secure the communication channel between Okta and your external service, complete these fields in the Enhance security area:
- Authentication field: Enter the name of the authorization header.
- Authentication secret: Enter the value that corresponds to the field name. To display the authentication value click the Show icon, otherwise the value is masked.
- Optional. To create custom proprietary headers for additional authorization security, click Add Field in the Custom headers area and then complete these fields:
- Field Name: Enter a name for the custom header.
- Value: Enter a value for the field name.
- Click inside of the text box next to Select all events that apply to to show the list of events and then select the events that you want to add to the event hook.
- Click Create hook & Continue to save the unverified event hook.
- Optional. To apply filters to each event and reduce the amount of events that you receive, click the Apply filter checkbox and then enter the Okta Expression Language for the filter in the in the Expression language text box. See About the Okta Expression Language .
- Click Save & Continue.
- To preview the Event Hook, verify and complete these fields:
- Name: Confirm the name of the event hook is correct.
- URL: Confirm the endpoint URL is correct.
- Event Type: Select an event in the dropdown.
- System Log Event: Select a System Log event in the dropdown. If no System Log events are available, the preview uses sample JSON.
- Optional. In the JSON section click Edit to make changes to the JSON payload and then click Save to save your changes.
- Click Deliver Request to test the JSON payload for the event hook request.
- Click Next.
- Verify endpoint ownership:
- Before you can send an event request to your endpoint, you need to have Okta make a one-time GET verification request to your endpoint, passing your service a verification value that your service needs to send back. This confirms that you control the endpoint. Your external service needs to read the value of the X-Okta-Verification-Challenge header and respond with the same value in a JSON property named verification with a 2XX HTTP status response code.
- Verify the URL endpoint.
- Click Verify. When the endpoint is successfully verified, the Verification column on the event hooks page displays Verified.
The Event Hook Preview displays the status of the Event Hook request. For example, Request Delivery Successful.
When no events are generated for an event type, the Event Hook Preview displays an example event with sample data. Undetermined fields are set to null and can be replaced with custom values for testing.