+1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

Inline Hook

Inline hooks are outbound calls from miniOrange to a custom code/external service/application, triggered throughout miniOrange process flows. They are designed to integrate custom functionality seamlessly. Notably, miniOrange exclusively sends the SSO response to the inline hook, enabling your custom code to modify this response before returning it to miniOrange. These hooks utilise synchronous calls, temporarily pausing the miniOrange process that initiated the hook until a response from external service is received.

This custom code should be implemented as a web service with an internet-accessible endpoint. It needs to be hosted on a system external to miniOrange. miniOrange defines the REST API contract for the requests sent to custom code, and for the responses from custom code.


Inline Hook Flow Diagram

Steps for setting up miniOrange Inline Hook

  • Go to Workflow > Inline Hook.
    • miniOrange Identity Platform Admin Handbook: Go to Workflow and select Inline Hook

  • Click on Add New Hook.
    • miniOrange Identity Platform Admin Handbook: Click on Add New Hook

  • From the App dropdown, select the app for which you want to invoke the inline hook.
    • miniOrange Identity Platform Admin Handbook: Select App from dropdown

  • Following details are needed to create Inline Hook:
    • Inline Hook URL: The URL of the endpoint provided by the external service that you want to integrate with. This URL is where miniorange will send the HTTP requests.
    • HTTP Request: miniOrange will construct an HTTP request to send to the inline hook endpoint. This request typically includes the request method (POST, GET, PUT, DELETE), headers, and body required by the inline hook service. Request method and headers may vary depending on the specific requirements of the inline hook.
    • Authentication: Inline hooks in miniOrange rely on authentication mechanisms to secure the communication between miniOrange and custom code. Here's a breakdown of the three options:
      • Basic Authentication: This is a simple authentication method where you provide a username and password combination. miniOrange encodes this information using Base64 encoding and sends it in the Authorization header of every request to your inline hook endpoint. External service needs to be able to decode the header and validate the username and password to ensure authorized access.
      • HTTP Header: This method provides more flexibility and security compared to basic auth. You define a custom header name (e.g., X-Api-Key) and a corresponding secret value in the miniOrange inline hook configuration. miniOrange then includes this header with the secret value in every request to your endpoint. Your code needs to check for the presence of this header and validate the secret value for authorization.
      • No Authentication: This option skips any authentication step. miniOrange sends requests to your inline hook endpoint without any credentials.
    • miniOrange Identity Platform Admin Handbook: Click Submit

  • Click Submit.