OKTA Token Inline Hook

i am seeing 0 successful execution for token inline hook, when executed from postman i am receiving the response from external service but the access token doesn’t contain the claim added.

Response from external service:
“error”: null,
“commands”: [
“type”: “com.okta.access.patch”,
“value”: [
“op”: “add”,
“path”: “/claims/assertion”,
“value”: “assertion”
“debugContext”: {}

If you check your Okta system logs, you should see an event “Inline Hook execution failed” and it should show the failure reason. What error do you see?

There is no event in system log as well and metric still shows 0 successful executions.

But when triggered test/execute okta api for inline hook i am getting the response.

Am i missing anything here?

Did you associate the inline hook with a custom authorization server access policy as described in this doc?

yes i did associate the inline hook with custom authorization server, access policy-> rule

Can you confirm if you’re using the correct base url? If you associated the inline hook to an access policy for the custom authorization server named “default”, then your authorize request will look like this https://yourOrg.okta.com/oauth2/default/v1/authorize?... and you should see logs of the inline hook executing when tokens are generated. If you’re using a different base url such as https://yourOrg.okta.com/oauth2/v1/authorize, then it won’t work.

Hi Warren ,
Using the right authorize url for the custom authz server but still not seeing any events in the logs but i do see the metric after a day with successful execution count but this is not instant.

Is there a minimal set up of json request for the inline hook which we can use to make request for the inline hook execution end point , or please let me know how do we create the json request for inline hook since i am using the sample format and editing the values, is there any other way to create the json request.


I am now able to see the Claims added through inline hook, Issue was with the jwt.io was not showing the complete claim ,okta /introspect endpoint showing the added claims.


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.