Inline Hooks and JIT provisioning

joelbloch · November 9, 2022, 8:49am

Hello,

I am working on a project where external IdPs are sending SAML claims to Okta, and Okta provisions users JIT with those claims.
Whoever, some claims contain personal information, and we need to cipher them in Okta.

We want to avoid asking any change request to the customer IdPs, for now they are sending those PI unciphered.

Is there a way to call an inline hook during the JIT provisioning process to call an external API with those claims, and cipher them, before they are stored in Okta?

Thanks!

andrea · December 2, 2022, 6:18pm

At this time, we do not have a hook that is triggered during this flow.

There is a Feature Request on our Ideas site (you’ll need to login with an Admin account to access) that looks to be gaining interest, so you likely will want to vote on that and maybe add some more context about your specific goals/needs for the benefit of our product team: Idea #158347: Inline hook for JIT Provisioning | Okta Ideas

Post		Replies	Views
Retain custom claim from incoming JWT in okta access token OAuth/OIDC	3	97	October 25, 2024
Inline Hook request payload object API	1	93	December 20, 2024
Questions regarding Okta inline-hooks OAuth/OIDC	13	6164	June 23, 2020
How to inject per-request arbitrary claims (e.g. workstation) into Okta-issued tokens without exposing a public inline-hook endpoint? OAuth/OIDC	2	32	November 28, 2025
Passing information from an IDP to a Token Inline hook SAML	4	1663	November 3, 2023

Inline Hooks and JIT provisioning

Related topics