Add an inline hook
After creating your external service, you need to connect the external service with Okta and enable it for a particular process flow by adding an inline hook.
- In the Admin Console, go to .
- Click Add Inline Hook, and then select the type of inline hook:
Registration: customizes the handling of user registration requests in Self-Service Registration
SAML: customizes SAML assertions returned by Okta.
Token: customizes tokens returned by Okta API Access Management.
Password Import: verifies a user-supplied password to support migration of users to Okta.
User Import: customizes handling of new users who are imported into Okta from an application.
Telephony: use a telephony service provider to send SMS text messages or voice calls. See Connect to an external telephony service provider.
- Define the following attributes:
Name: a descriptive name for the inline hook.
URL: the external service's endpoint URL, to which the inline hook sends the request.
-
Select the authentication type, and define the associated fields:
-
HTTP Headers
-
Authentication field: name of the authorization header.
-
Authentication secret: value string that corresponds to the Authentication field name.
-
-
OAuth 2.0 - Use client secret
-
Client Authentication. Select: Use client secret (client_secret_post). Uses the client ID and secret as parameters in the request body for authentication.
-
Client ID: a publicly exposed string provided by the service that is used to identify the OAuth application and build authorization URLs.
-
Client Secret: a private value provided by the service used to authenticate the identity of the application to the service.
-
Token URL: the URI where inline hooks can exchange an authorization code for access and refresh tokens. For example, /token.
-
Scope: the scope that allows you to perform the actions on the hook endpoint that you want to access.
-
-
OAuth 2.0 - Use private key
-
Client Authentication. Select: Use private key (private_key_jwt). Uses the private key to sign the JSON Web Token (JWT) and the public key to verify the client assertion for authentication.
-
Client ID: a publicly exposed string provided by the service that is used to identify the OAuth application and build authorization URLs.
-
Key: the public/private key pair used to verify token requests. See Manage keys.
-
Token URL: the URI where inline hooks can exchange an authorization code for access and refresh tokens. For example, /token.
-
Scope: the scope that allows you to perform the actions on the hook endpoint that you want to access.
-
-
-
Optional. Custom Header fields: add a field name and value to send with the request.
- Click Save. The inline hook is now active.
- Associate the endpoint with an Okta process flow. This process varies by Inline Hook type.