IDP Webhook Settings
    • 01 Sep 2024
    • 1 Minute to read
    • Dark
      Light
    • PDF

    IDP Webhook Settings

    • Dark
      Light
    • PDF

    Article summary

    PlainID IDP Authorizer

    Define The Okta Inline Hook Settings

    ParameterValueDescription
    NamePlainID AccessAny name
    URLhttps://[plainid-base-url].plainid.io/hook/okta?appPostfix=-V5e.g.:
    https://acme-finance.us1.plainid.io/hook/okta?appPostfix=-V5
    Authentication fieldx-plainid-secretThe attribute/header that will contain the value of the corresponding PlainID Scope clientSecret
    Authentication secretFor PlainID SaaS IDP Webhook:
    - Use the PlaindID Scope clientSecret
    For PlainID PAA IDP Webhook:
    -Use the secret from the IDP Webhook configuration file
    Custom header fieldx-plainid-clientValue the PlainID ClientID - obtained from the corresponding PlainID Scope Management

    Test the Webhook

    To simulate the user login to the web-application, we can use an OIDC tool (e.g. https://oidcdebugger.com/) - this will test the full integration, and will allow you to review the Token Enriched JWT that contains the relevant claims (keys and values) - Sample configuration for https://oidcdebugger.com:

    AttributeValueDescription
    Authorize urihttps://dev-344343.okta.com/oauth2/aus7j5bjshdjfhshZNm25d7/v1/authorizeThe link to the defined Okta Client
    Client ID0oa7ldghfeskfjIoOii5d7The Okta Application Client ID
    Response TypesSelect all available values
    ScopeOpenid

    After the settings are set, click on “Send Request” to test the configuration.

    If everything is configured correctly you can expect to receive a JWT/Response with the relevant claims from the PlainID Access Policy, e.g.:

    {  
      "sub": "00u7mdjdhdhdhjBky5d7",  
      "ver": 1,  
      "iss": "https://dev-344343.okta.com/oauth2/aus7j5bjshdjfhshZNm25d7",  
      "aud": "0oa7m66nxxZ30CEOg5d7",  
      "iat": 1673259158,  
      "exp": 1673262758,  
      "jti": "ID.fMPCup1auYv4cJWA8h_7rm2RpdWRfQ77uAWQh4OvFyo",  
      "amr": [  
          "pwd"  
      ],  
      "idp": "00o7ifadsdasddXcpgO5d7",  
      "nonce": "s9r39ftqr7dm",  
      "auth_time": 1673250531,  
      "at_hash": "RJasdfadsfSakS7s-YiwQ",  
      "c_hash": "f3tMasdfasdfz4DDKyyk2QKw",  
      "claimPortalRole": [  
          "Administrator"  
      ],  
      "DepartmentManagerLevel": [  
          "Senior"  
      ]  
    }
    

    Was this article helpful?

    What's Next