Okta Event Hook & Make Webhook

Hi

So, i had to create an Okta Event Hook, which sends a message to a Make webhook today, and…i had REAL trouble performing the initial response to the webhook to authorize it.

And i’m sure this must be a common process, so wanted to check if i’m missing something obvious.

As a test i have created a new Scenario, Added the “Custom Webhook” module, then created a new hook. I also enabled the option to “Get Request headers” (In Advanced Settings) as Okta sends an auth code in a header.

I then have the Make webhook URL.

Within Okta i goto Admin - Workflow - Event Hooks - Create Event Hook, and enter the Make webhook URL i have, then set the “Subscribe to events” to be “User added to group”

The next step is Okta wants to verify that the webhook is legit, and owned by you

And as mentioned in the link (Event hooks concepts | Okta Developer) it sends when you click Verify, it sends a one-time verification code in a HTTP header named x-okta-verification-challenge which you need to return the code as a JSON object in response.

I click Verify, and in make, i see the request com through. Here’s the output

    {
        "__IMTHEADERS__": [
            {
                "name": "connection",
                "value": "upgrade"
            },
            {
                "name": "x-real-ip",
                "value": "x.x.x.x"
            },
            {
                "name": "x-request-id",
                "value": "ad720cde76fe32291160a6b188294b12"
            },
            {
                "name": "cdn-loop",
                "value": "cloudflare; loops=1"
            },
            {
                "name": "cf-ipcountry",
                "value": "US"
            },
            {
                "name": "accept-encoding",
                "value": "gzip, br"
            },
            {
                "name": "cf-ray",
                "value": "910a2487ffbee739-IAD"
            },
            {
                "name": "cf-visitor",
                "value": "{\"scheme\":\"https\"}"
            },
            {
                "name": "user-agent",
                "value": "Okta Hook Service v1.0.0 - cal1ufa1an96Kv3UJ2d8"
            },
            {
                "name": "accept",
                "value": "application/json"
            },
            {
                "name": "x-okta-request-id",
                "value": "78f942322100887d7e643fabff856ae1"
            },
            {
                "name": "x-okta-verification-challenge",
                "value": "SiR5pq-UPMSaYxlIvzMhK7naZGFU_Y6_AI6a4p4B"
            },
            {
                "name": "cf-connecting-ip",
                "value": "x.x.x.x"
            }
        ]
    }
]

I think add the Webhook response module to run after the Custom webhook module, but when trying to select the x-okta-verification-challenge header, the only data i can select is the LAST header.

The ONLY way i’ve been able to respond to it, is by setting the body to

{"verification":"{{1. Headers[6]: Value"}

But usually i can select the specific item from the list, instead of…guessing almost (The number 6 refers to the 6th header we receive…but this can change.)

So just wondering if i’m missing something obvious or not.
Thanks

@johnanderson
Hi, I think the easiest way is to add an Iterator after the Custom Webhook module and split the header[] in the Iterator.
I think you can achieve this by adding a Filter between the Iterator module and the Webhook Response and adding a condition if name matches x-okta-verification-challenge

Thanks momomomonmon

Looks like thats the best solution, but still feels…“clunky”

For reference, heres what i built, which works

The result into custom webhook

The iterator

And the iterators output

Filter is

And the webhook response is

And this worked OK, just…little clunky