Create a Hook
Early Preview
This API is in early preview and may be subject to change. Please complete this form to register for early access.
Use this API to create a Hook function to extend a OneLogin workflow.
For example you might want to create conditional login flow that offers a different experience base on the device type and location of the authenticating user. For this you would create a pre-authentication
hook containing the conditional function code.
See Hook Overview for more detail on the types of hooks available, the context object inserted into the hook function, and how to return from your hook function.
Resource URL
https://<api-domain>/api/2/hooks
Header Parameters
Authorization required string | Set to Set The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: In order to use Smart Hooks your API Credentials must be created after 21st October 2020. |
Content-Type required string |
Set to application/json . |
Request Parameters
type required integer |
The type of hook function that will be created. Must be one of:
See the Smart Hooks Overview for more detail on the types of hooks available, the context object inserted into the hook function, and how to return from your hook function. |
disabled required boolean |
Default true. Indicates if function is available for execution or not. |
timeout required integer |
Default 1. The number of seconds to allow the hook function to run before before timing out. Maximum timeout varies based on the type of hook. See overview for more details. |
env_vars required array |
An array of predefined environment variables to be supplied to the function at runtime. |
runtime required string |
The Node.js version to execute the hook function with. Must be one of the following supported versions:
|
context_version optional string |
Defaults to latest version of context. Supports semantic versioning. e.g. |
retries required integer |
Default 0. Max 4. Number of retries if execution fails. |
risk_enabled required boolean |
Default false. When true a risk score and risk reasons will be passed in the context. Only applies authentication time hooks. E.g. pre-authentication. |
mfa_device_info_enabled optional boolean |
Default false. When true a list of MFA devices registered by the user will be made available in the pre-authentication context. |
location_enabled required boolean |
Default false. When true an ip to location lookup is done and the location info is passed in the context. Only applies authentication time hooks. E.g. pre-authentication. |
packages required object |
A list of public npm packages than will be installed as part of the function build process. Packages can be any version and support the semantic versioning syntax used by NPM. |
function required string |
A base64 encoded string containing the javascript function code. |
Sample Responses
- 201 Created
- 401 Unauthorized
- 409 Conflict
- 422 Unprocessable Entity
{
"id": "bcc59ea8-002c-4ef7-8002-742ce7cc1892",
"type": "pre-authentication",
"packages": {},
"runtime": "nodejs12.x",
"retries": 0,
"timeout": 1,
"disabled": false,
"status": "create-queued",
"env_vars": [],
"risk_enabled": false,
"location_enabled": false,
"created_at": "2020-10-19T23:18:35.162Z",
"updated_at": "2020-10-19T23:18:35.165Z",
"function": "CmV4cG9ydHMuaGFuZGxlciA9IGFzeW5jIChjb250ZXh0KSA9PiB7CiAgICByZXR1cm4gewogICAgICAgIHVzZXI6IGNvbnRleHQudXNlcgogICAgfQp9Cg=="
}
Typically, this error means that your Authorization
header value is missing or incorrectly formatted. The Authorization
header value should use this format: bearer:<access_token>
.
{
"message": "Unauthorized",
"statusCode": 401,
"name": "UnauthorizedError"
}
You have tried to create another function for a hook that only allows a single one to be defined. For example you can only have a single pre-authentication
hook defined.
{
"name": "UnauthorizedError",
"message": "The request requires user authentication."
}
You function is not base64 encoded.
{
"name": "UnprocessableEntityError",
"message": "instance.function does not match pattern \"^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$\""
}
Response Elements
The values sent in the original payload body will be returned along with the following additions.
id |
The Hook unique ID in OneLogin. |
status |
String describing the state of the hook function. When a hook is ready and disabled is false it will be executed.
|
Postman Collection
Replace sample variables indicated by {{ }}
with your actual values.
Download for the Smart Hooks API
Sample Code
cURL
Replace sample values indicated by < >
with your actual values.
Create Hook
curl 'https://<api-domain>/api/2/hooks' \
-X POST \
-H "Authorization: bearer <access_token>" \
-H "Content-Type: application/json" \
-d '{
"type": "pre-authentication",
"function": "CmV4cG9ydHMuaGFuZGxlciA9IGFzeW5jIChjb250ZXh0KSA9PiB7CiAgICBjb25zb2xlLmxvZyhjb250ZXh0KQogICAgcmV0dXJuIHsKICAgICAgICB1c2VyOiBjb250ZXh0LnVzZXIKICAgIH0KfQo=",
"disabled": false,
"runtime": "nodejs12.x",
"retries": 0,
"timeout": 1,
"risk_enabled": false,
"location_enabled": false,
"env_vars": [
],
"packages": {
}
}'
Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.