Okta Hooks
Gives developers and IT teams the power to add custom logic to Okta
Every person, every technology, every identity journey is different and requirements are constantly changing. Organizations need to create deep integrations across their technology ecosystem, driven by identity.
Okta Hooks
Hooks enable developers and IT teams to modify flows or quickly integrate other systems with custom code running on any cloud or infrastructure. Hooks also enable organizations to create unlimited custom integrations for the Okta Integration Network. From adding identity proofing and verification into consumer registration decisions to customizing employee account creation flows, Hooks delivers advanced integration options by providing significant latitude for developers to customize and extend the reach and breadth of the Okta Identity Cloud.
There are two types of Hooks:
Event Hooks
Event Hooks send Okta events of interest to your systems via HTTP POST as they occur, just like a webhook. A developer can write additional logic to notify or kick off workflows within downstream services.
Potential customizations using Event Hooks include:
- Push newly registered user to the rest of your marketing technology stack, including email marketing systems, analytics, CRM, data warehouse, etc
- After a user registers in Okta, complete the account creation process across backend systems
- Sync user profile updates into downstream data stores Upon user deletion in Okta, begin the process of deleting user data in other related systems
- Notify an IT Slack channel of suspicious activity
- Push Okta events to SIEMs Notify an Admin when group membership or app assignment changes
In the future, the recently-announced Azuqua acquisition will provide a no-code capability so that non-developers can build Hooks integrations as well.
Inline Hooks
Inline Hooks allow developers to modify inflight Okta processes with custom logic and data from a non-Okta source. Currently, the following Okta workflows can be modified:
Registration Inline Hook
Extend Self-Service Registration with external custom logic or 3rd party services to modify and validate profiles before completing registration.
Potential customizations using the Registration Inline Hook include:
- Validate user against existing database
- Enrich profile with information from a CRM or other directory
- Identity proofing with Experian
- Generate unique Customer ID
Import Inline Hook
Easily migrate customer and employee profile data from existing user stores with customizable data clean up and profile enrichment. Combine data from multiple sources into Okta’s centralized Universal Directory.
Potential customizations using the Import Inline Hook include:
- Enrich profile with information from a CRM, HR system or AD/LDAP
- Override Okta's default matching logic
- Identify username conflicts and create a unique one
Token and SAML Inline Hooks
Retrieve and use information housed in external systems in authorization decisions.
Potential customizations using Token and SAML Inline Hooks include:
- Add sensitive customer data to tokens and assertions
- Retrieve dynamic customer data
- Integrate with external entitlement engines
Unlimited possibilities
When combined, Okta Hooks and the Okta Identity Engine open the foundation of the Okta Identity Cloud so that customers can wield identity as they see fit. These customizable, extensible building blocks unlock an unlimited number of identity use cases.
Interested in seeing sample applications and custom logic for these use cases and more? Check out Okta Community Toolkit ›
Okta has long been a partner to ThoughtWorks for delivering innovative features to help us securely manage our enterprise identities. The introduction of Okta Hooks has enabled us to seamlessly incorporate identity events triggered by Okta into our existing event-driven architecture. We are excited for all the possibilities this opens up for tackling more complex workflows and elaborate integration scenarios.
– Phil Ibarrola, TechOps Head of Technology of ThoughtWorks