PHPackages dragosgaftoneanu/okta-hooks-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. dragosgaftoneanu/okta-hooks-php ActiveLibrary[Authentication & Authorization](/categories/authentication) dragosgaftoneanu/okta-hooks-php =============================== SDK used to integrate Okta Hooks feature inside PHP applications. 2.2(5y ago)1274MITPHPPHP >=5.0 Since Jun 13Pushed 5y agoCompare [ Source](https://github.com/dragosgaftoneanu/okta-hooks-php)[ Packagist](https://packagist.org/packages/dragosgaftoneanu/okta-hooks-php)[ RSS](/packages/dragosgaftoneanu-okta-hooks-php/feed)WikiDiscussions master Synced today READMEChangelog (10)DependenciesVersions (14)Used By (0) Okta Hooks PHP ============== [](#okta-hooks-php) This repository contains the source for the Okta Hooks PHP library that can be used for integrating the new [Okta Hooks](https://www.okta.com/hooks/) feature inside your PHP application. ⚠️ **Disclaimer:** This is not an official product and does not qualify for Okta Support. Installation ------------ [](#installation) You can install this library by running the following command through Composer ``` composer require dragosgaftoneanu/okta-hooks-php ``` Requirements ------------ [](#requirements) - An Okta account, called an *organization* (you can sign up for a free [developer organization](https://developer.okta.com/signup/)) - A local web server that runs PHP 5.0+ - [getallheaders()](https://www.php.net/manual/en/function.getallheaders.php) function available for usage - The following features enabled on your Okta organization (you can request them through an email to ) - [Event Hook](https://developer.okta.com/docs/concepts/event-hooks/): `CALLBACKS`, `WEBHOOKS` - [Token Inline Hook](https://developer.okta.com/docs/reference/token-hook/): `CALLBACKS`, `API_ACCESS_MANAGEMENT_EXTENSIBILITY` - [Import Inline Hook](https://developer.okta.com/use_cases/inline_hooks/import_hook/import_hook/): `CALLBACKS`, `IMPORT_SYNC_CALLBACKS` - [SAML Assertion Inline Hook](https://developer.okta.com/use_cases/inline_hooks/saml_hook/saml_hook/): `CALLBACKS`, `SAML_EXTENSIBILITY` - [Registration Inline Hook](https://developer.okta.com/use_cases/inline_hooks/registration_hook/registration_hook/): `CALLBACKS` - [Password Import Inline Hook](https://developer.okta.com/docs/reference/password-hook/): `CALLBACKS` Table of Contents ----------------- [](#table-of-contents) - [Event Hook](#event-hook) - [Methods available](#methods-available) - [getRaw()](#getraw) - [oneTimeVerification()](#onetimeverification) - [display()](#display) - [Example](#example) - [Token Inline Hook](#token-inline-hook) - [Methods available](#methods-available-1) - [getRaw()](#getraw-1) - [addAccessTokenClaim($name, $value)](#addaccesstokenclaimname-value) - [modifyAccessTokenClaim($name, $value)](#modifyaccesstokenclaimname-value) - [removeAccessTokenClaim($name)](#removeaccesstokenclaimname) - [modifyAccessTokenLifetime($value)](#modifyaccesstokenlifetimevalue) - [addIDTokenClaim($name, $value)](#addidtokenclaimname-value) - [modifyIDTokenClaim($name, $value)](#modifyidtokenclaimname-value) - [removeIDTokenClaim($name)](#removeidtokenclaimname) - [modifyIDTokenLifetime($value)](#modifyidtokenlifetimevalue) - [display()](#display-1) - [Example](#example-1) - [Import Inline Hook](#import-inline-hook) - [Methods available](#methods-available-2) - [getRaw()](#getraw-2) - [updateAppProfile($attribute, $value)](#updateappprofileattribute-value) - [updateProfile($attribute, $value)](#updateprofileattribute-value) - [action($status)](#actionstatus) - [linkWith($user)](#linkwithuser) - [display()](#display-2) - [Example](#example-2) - [SAML Assertion Inline Hook](#saml-assertion-inline-hook) - [Methods available](#methods-available-3) - [getRaw()](#getraw-3) - [addClaim($name, $nameFormat, $xsiType, $value)](#addclaimname-nameformat-xsitype-value) - [modifyClaim($name, $newValue)](#modifyclaimname-newvalue) - [modifyAssertion($path, $newValue)](#modifyassertionpath-newvalue) - [display()](#display-3) - [Example](#example-3) - [Registration Inline Hook](#registration-inline-hook) - [Methods available](#methods-available-4) - [getRaw()](#getraw-4) - [changeProfileAttribute($attribute, $value)](#changeprofileattributeattribute-value) - [allowUser($status)](#allowuserstatus) - [display()](#display-4) - [error($message, $errorCode, $reason, $locationType, $location, $domain)](#errormessage-errorcode-reason-locationtype-location-domain) - [Example](#example-4) - [Password Import Inline Hook](#password-import-inline-hook) - [Methods available](#methods-available-5) - [getRaw()](#getraw-5) - [getCredentials()](#getcredentials) - [allow()](#allow) - [deny()](#deny) - [Example](#example-5) Event Hook ---------- [](#event-hook) ### Methods available [](#methods-available) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw) This method returns the full request coming from Okta as an array. #### oneTimeVerification() [](#onetimeverification) This method checks for `X-Okta-Verification-Challenge` header in the request and replies with the verification JSON in order to complete the verification step for Okta. #### display() [](#display) This method displays the final response to the request coming from Okta. ### Example [](#example) You can find below an example script for verifying an event hook. ``` use Okta\Hooks\EventHook; try{ $hook = new EventHook(); $hook->oneTimeVerification(); echo $hook->display(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return will look like the following. ``` { "verification": "T8tTyt5x9WobwSh0np41HlSF6lwl9elP0-cpcmNU" } ``` Token Inline Hook ----------------- [](#token-inline-hook) ### Methods available [](#methods-available-1) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw-1) This method returns the full request coming from Okta as an array. #### addAccessTokenClaim($name, $value) [](#addaccesstokenclaimname-value) This method tells Okta to add a claim inside the access token that will be returned. #### modifyAccessTokenClaim($name, $value) [](#modifyaccesstokenclaimname-value) This method tells Okta to modify a claim inside the access token that will be returned with a new value. #### removeAccessTokenClaim($name) [](#removeaccesstokenclaimname) This method tells Okta to remove a claim inside the access token that will be returned. #### modifyAccessTokenLifetime($value) [](#modifyaccesstokenlifetimevalue) This method tells Okta to modify the access token's lifetime. The token can have a lifetime of minimum 5 minutes (300 seconds) and a maximum of 24 hours (86400 seconds). #### addIDTokenClaim($name, $value) [](#addidtokenclaimname-value) This method tells Okta to add a claim inside the ID token that will be returned. #### modifyIDTokenClaim($name, $value) [](#modifyidtokenclaimname-value) This method tells Okta to modify a claim inside the ID token that will be returned with a new value. #### removeIDTokenClaim($name) [](#removeidtokenclaimname) This method tells Okta to remove a claim inside the ID token that will be returned. #### modifyIDTokenLifetime($value) [](#modifyidtokenlifetimevalue) This method tells Okta to modify the ID token's lifetime. The token can have a lifetime of minimum 5 minutes (300 seconds) and a maximum of 24 hours (86400 seconds). #### display() [](#display-1) This method displays the final response to the request coming from Okta. ### Example [](#example-1) You can find below an example script for adding a new claim inside an ID token, modifying an ID token's lifetime expiration to 1 day and changing an access token's audience. ``` use Okta\Hooks\TokenInlineHook; try{ $hook = new TokenInlineHook(); $hook->modifyIDTokenLifetime(86400); $hook->modifyAccessTokenClaim("aud","new_access_token_audience"); echo $hook->display(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return is the following. ``` { "commands": [ { "type": "com.okta.identity.patch", "value": [ { "op": "add", "path": "/claims/claim", "value": "test_value" }, { "op": "replace", "path": "/token/lifetime/expiration", "value": 86400 } ] }, { "type": "com.okta.access.patch", "value": [ { "op": "replace", "path": "/claims/aud", "value": "new_access_token_audience" } ] } ] } ``` Import Inline Hook ------------------ [](#import-inline-hook) ### Methods available [](#methods-available-2) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw-2) This method returns the full request coming from Okta as an array. #### updateAppProfile($attribute, $value) [](#updateappprofileattribute-value) This method tells Okta to update a profile attribute from the ones available under data.appUser in the request coming from Okta. #### updateProfile($attribute, $value) [](#updateprofileattribute-value) This method tells Okta to update a profile attribute from the ones available under data.user in the request coming from Okta. #### action($status) [](#actionstatus) This method tells Okta for the current imported user to either create it as a new user inside of Okta (`$status = "create";`) or to link it with an existing one (`$status = "link";`). #### linkWith($user) [](#linkwithuser) If action is set to link the user with an existing one, with this method you can mention the user ID with which the current imported user will be linked. #### display() [](#display-2) This method displays the final response to the request coming from Okta. ### Example [](#example-2) You can find below an example script for modifying the first name and last name for both user profile and app user profile and to link the user with an existing Okta user that has user ID set to 00uozbgc03wzqoaXp2p6. ``` use Okta\Hooks\ImportInlineHook; try{ $hook = new ImportInlineHook(); $hook->updateProfile("firstName","John"); $hook->updateProfile("lastName","Doe"); $hook->updateAppProfile("firstName","Doe"); $hook->updateAppProfile("lastName","John"); $hook->action("link"); $hook->linkWith("00uozbgc03wzqoaXp2p6"); echo $hook->display(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return is the following. ``` { "commands": [ { "type": "com.okta.action.update", "value": { "result": "LINK_USER" } }, { "type": "com.okta.user.update", "value": { "id": "00uozbgc03wzqoaXp2p6" } }, { "type": "com.okta.user.profile.update", "value": { "firstName": "John", "lastName": "Doe" } }, { "type": "com.okta.appUser.profile.update", "value": { "firstName": "Doe", "lastName": "John" } } ] } ``` SAML Assertion Inline Hook -------------------------- [](#saml-assertion-inline-hook) ### Methods available [](#methods-available-3) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw-3) This method returns the full request coming from Okta as an array. #### addClaim($name, $nameFormat, $xsiType, $value) [](#addclaimname-nameformat-xsitype-value) This method tells Okta to add a claim inside the assertion. #### modifyClaim($name, $newValue) [](#modifyclaimname-newvalue) This method tells Okta to modify a specific claim value inside the assertion. #### modifyAssertion($path, $newValue) [](#modifyassertionpath-newvalue) This method tells Okta to modify a specific value inside the assertion. #### display() [](#display-3) This method displays the final response to the request coming from Okta. ### Example [](#example-3) You can find below an example script for adding a new claim inside the assertion. ``` use Okta\Hooks\SAMLInlineHook; try{ $hook = new SAMLInlineHook(); $hook->addClaim("test","urn:oasis:names:tc:SAML:2.0:attrname-format:basic","xs:string","test"); echo $hook->display(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return is the following. ``` { "commands": [ { "type": "com.okta.assertion.patch", "value": [ { "op": "add", "path": "/claims/test", "value": { "attributes": { "NameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic" }, "attributeValues": [ { "attributes": { "xsi:type": "xs:string" }, "value": "test" } ] } } ] } ] } ``` Registration Inline Hook ------------------------ [](#registration-inline-hook) ### Methods available [](#methods-available-4) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw-4) This method returns the full request coming from Okta as an array. #### changeProfileAttribute($attribute, $value) [](#changeprofileattributeattribute-value) This method tells Okta to update a profile attribute from the ones available under data.user.profile in the request coming from Okta. #### allowUser($status) [](#allowuserstatus) This method tells Okta to either allow the user to be registered (`$status = TRUE;`) or not (`$status = FALSE;`). #### display() [](#display-4) This method displays the final response to the request coming from Okta. #### error($message, $errorCode, $reason, $locationType, $location, $domain) [](#errormessage-errorcode-reason-locationtype-location-domain) This method displays an error message for the end-user upon registration, as exemplified in the documentation [here](https://developer.okta.com/use_cases/inline_hooks/registration_hook/registration_hook/#sample-json-payload-of-request). ### Example [](#example-4) You can find below an example script for modifying the first name and last name for user profile and then block the user. ``` use Okta\Hooks\RegistrationInlineHook; try{ $hook = new RegistrationInlineHook(); $hook->changeProfileAttribute("firstName", "John"); $hook->changeProfileAttribute("lastName", "Doe"); $hook->allowUser(FALSE); echo $hook->display(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return is the following. ``` { "commands": [ { "type": "com.okta.action.update", "value": { "action": "DENY" } }, { "type": "com.okta.user.profile.update", "value": { "firstName": "John", "lastName": "Doe" } } ] } ``` Password Import Inline Hook --------------------------- [](#password-import-inline-hook) ### Methods available [](#methods-available-5) You can find below the methods implemented for the class in order to successfully execute the hook. #### getRaw() [](#getraw-5) This method returns the full request coming from Okta as an array. #### getCredentials() [](#getcredentials) This method returns data.context.credential from the request coming from Okta as an array. #### allow() [](#allow) This method displays a VERIFIED response that will tell Okta that the credentials are correct and allow the user to authenticate. #### deny() [](#deny) This method displays an UNVERIFIED response that will tell Okta that the credentials are incorrect and will not allow the user to authenticate. ### Example [](#example-5) You can find below an example script for checking the username and a password received from Okta and allowing the request if they contain specific values. ``` use Okta\Hooks\PasswordInlineHook; try{ $hook = new PasswordInlineHook(); if($hook->getCredentials()['username'] == "isaac.brock@example.com" && $hook->getCredentials()['password'] == "Okta") echo $hook->allow(); else echo $hook->deny(); }catch (Exception $e){ echo $e->getMessage(); } ``` The answer that the library will return is the following. ``` { "commands": [{ "type": "com.okta.action.update", "value": { "credential": "VERIFIED" } }] } ``` Bugs? ----- [](#bugs) If you find a bug or encounter an issue when using the library, please open an issue on GitHub [here](https://github.com/dragosgaftoneanu/okta-hooks-php/issues) and it will be further investigated. ### Health Score 28 — LowBetter than 54% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity13 Limited adoption so far Community6 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~54 days Recently: every ~102 days Total 13 Last Release 1876d ago Major Versions 1.0.6 → 2.02020-05-27 PHP version history (4 changes)1.0.0-rc1PHP >=7.0.0 1.0.4PHP >=5.6.0 1.0.5PHP >=5.0.0 1.0.6PHP >=5.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/1df2b44090e02ecbc105085659246363dc3e51ad22da0aaa96a1b6f39e8271a1?d=identicon)[dragosgaftoneanu](/maintainers/dragosgaftoneanu) --- Top Contributors [![dragosgaftoneanu](https://avatars.githubusercontent.com/u/43792974?v=4)](https://github.com/dragosgaftoneanu "dragosgaftoneanu (23 commits)") ### Embed Badge ![Health badge](/badges/dragosgaftoneanu-okta-hooks-php/health.svg) ``` [![Health](https://phpackages.com/badges/dragosgaftoneanu-okta-hooks-php/health.svg)](https://phpackages.com/packages/dragosgaftoneanu-okta-hooks-php) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)