Creating a custom provider real-time webhook
You can use a webhook to send and receive data from a custom third party for a specific workflow.
About this task
The webhook can be used for external multi-factor authentication (MFA) only.
Procedure
- Navigate to Integrations > Real-time webhooks.
- Click Create webhook.
- Select External MFA for the purpose.
- Select the provider for MFA. Select Custom provider.
- Provide a credential prefix. A 1-6 character alphanumeric prefix without any common symbols that is added to each factor capability at run time and is referenced by access policy evaluations. This value must be unique across all configured MFA providers within your IBM® Security Verify tenant. Within Verify, an external MFA factor is identified as
"{credentialPrefix}:{capability}"
. The credential prefix value must not contain a colon (:). - Click Next.
- Provide a name for the webhook. You can also specify an owner and email contact information.
- Specify one or more request URLs for the API.
- Select the type of authentication.
- Basic
- Specify the username and password.
- Header
- Specify the header name and authentication secret. If the secret is case-sensitive, select the Sensitive checkbox.
- None
- No authentication information is needed.
- OAuth
- Specify the token endpoint, select whether the client secret is post or basic, enter the client
ID and secret. Note: Client post indicates that the secret is stored as an attribute. Client basic indicates that the secret is stored in the header.
- Optional: Enter any custom headers and values.
- Click Create. Your webhook is displayed.
- On the Configuration tab, you can take the following
actions.
- Enable or disable the provider.
- View the version of the API that you want to use. The field is read only.
- Change the unique identifier attribute that is sent to the external provider.
- Specify the authentication methods for a generic provider.
- Edit the Resource transforms.
- On the Connection details tab, you can take the following
actions.
- Change the name of the webhook.
- Change the owner contact information.
- Change your API hostname URL or add more URLs.
- Change the authentication type.
- Add custom headers.
- When you are finished, click Save changes.
- Click Real-time webhooks to return to the Real-time webhooks page.