Create Hooks
You can create multiple Hooks for any given extensibility point using the Dashboard or Management API.
Hooks may also be imported and exported using the Deploy Command-Line Interface (CLI) Tool.
Create Hooks using the Dashboard
Under Auth Piperline, navigate to the Hooks page in the Auth0 Dashboard, and click Create a Hook.
Enter a descriptive name for your Hook, select the extensibility point for which the Hook should execute, and click Create.
Locate the section for the extensibility point you selected, and click the pencil icon next to the hook you created.
Update the Hook using the Hook Editor, and click the disk icon to save.
Create Hooks using the Management API
Make a POST
call to the Create a Hook endpoint. Be sure to replace MGMT_API_ACCESS_TOKEN
, HOOK_NAME
, HOOK_SCRIPT
, and EXTENSIBILITY_POINT_NAME
placeholder values with your Management API Access Token, Hook name, Hook script, and extensibility point name, respectively.
curl --request POST \
--url 'https://YOUR_DOMAIN/api/v2/hooks' \
--header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
--header 'cache-control: no-cache' \
--header 'content-type: application/json' \
--data '{ "name": "HOOK_NAME", "script": "HOOK_SCRIPT", "triggerId": "EXTENSIBILITY_POINT_NAME" }'
var client = new RestClient("https://YOUR_DOMAIN/api/v2/hooks");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://YOUR_DOMAIN/api/v2/hooks"
payload := strings.NewReader("{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("content-type", "application/json")
req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
req.Header.Add("cache-control", "no-cache")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
HttpResponse<String> response = Unirest.post("https://YOUR_DOMAIN/api/v2/hooks")
.header("content-type", "application/json")
.header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
.header("cache-control", "no-cache")
.body("{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }")
.asString();
var axios = require("axios").default;
var options = {
method: 'POST',
url: 'https://YOUR_DOMAIN/api/v2/hooks',
headers: {
'content-type': 'application/json',
authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
'cache-control': 'no-cache'
},
data: {
name: 'HOOK_NAME',
script: 'HOOK_SCRIPT',
triggerId: 'EXTENSIBILITY_POINT_NAME'
}
};
axios.request(options).then(function (response) {
console.log(response.data);
}).catch(function (error) {
console.error(error);
});
#import <Foundation/Foundation.h>
NSDictionary *headers = @{ @"content-type": @"application/json",
@"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
@"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"name": @"HOOK_NAME",
@"script": @"HOOK_SCRIPT",
@"triggerId": @"EXTENSIBILITY_POINT_NAME" };
NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://YOUR_DOMAIN/api/v2/hooks"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:10.0];
[request setHTTPMethod:@"POST"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"%@", error);
} else {
NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
NSLog(@"%@", httpResponse);
}
}];
[dataTask resume];
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://YOUR_DOMAIN/api/v2/hooks",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }",
CURLOPT_HTTPHEADER => [
"authorization: Bearer MGMT_API_ACCESS_TOKEN",
"cache-control: no-cache",
"content-type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
import http.client
conn = http.client.HTTPSConnection("")
payload = "{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }"
headers = {
'content-type': "application/json",
'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
'cache-control': "no-cache"
}
conn.request("POST", "/YOUR_DOMAIN/api/v2/hooks", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://YOUR_DOMAIN/api/v2/hooks")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"name\": \"HOOK_NAME\", \"script\": \"HOOK_SCRIPT\", \"triggerId\": \"EXTENSIBILITY_POINT_NAME\" }"
response = http.request(request)
puts response.read_body
import Foundation
let headers = [
"content-type": "application/json",
"authorization": "Bearer MGMT_API_ACCESS_TOKEN",
"cache-control": "no-cache"
]
let parameters = [
"name": "HOOK_NAME",
"script": "HOOK_SCRIPT",
"triggerId": "EXTENSIBILITY_POINT_NAME"
] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://YOUR_DOMAIN/api/v2/hooks")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Value | Description |
---|---|
MGMT_API_ACCESS_TOKEN |
Access Token for the Management API with the scope create:hooks . |
HOOK_NAME |
Name of the hook you would like to create. |
HOOK_SCRIPT |
Script that contains the code for the hook. Should match what you would enter if you were creating a new hook using the Dashboard. |
EXTENSIBILITY_POINT_NAME |
Name of the extensibility point for which the hook should execute. Options include: credentials-exchange , pre-user-registration , post-user-registration , post-change-password . To learn more about extensibility points, see Extensibiity Points. |
Handle Rate Limits when calling APIs from within Hooks
If you call Auth0 APIs from within a Hook's script, you will need to handle rate limits. To do so, check the X-RateLimit-Remaining
header and act appropriately when the number returned nears 0.
Additionally, add logic to handle cases in which you exceed the provided rate limits and receive the 429
HTTP Status Code (Too Many Requests
). In this case, if a re-try is needed, it is best to allow for a back-off to avoid going into an infinite retry loop.
Explore starter code and sample Hook scripts
To explore starter code and sample Hook scripts, see the documentation for your chosen extensibility point: