IBM Security Verify

 View Only

Unable to create a new Realtime Webshook

  • 1.  Unable to create a new Realtime Webshook

    Posted Tue November 07, 2023 10:06 AM

    Hi, I am trying to follow the steps athttps://www.ibm.com/docs/en/security-verify?topic=tenant-configuring-realtime-webhook

    My request is as below:

    curl --location --request POST 'https://nv.verify.ibm.com/v1.0/webhooks-mgmt/' \
    --header 'Content-Type: application/json' \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer bearertokenvalue' \
    --data-raw '{
    "name": "DUO MFA Provider",
    "type": "realtime",
    "urls": ["api-abc1234.duosecurity.com"],
    "authentication": {
    "type": "header",
    "header": {
    "values":[
    {
    "key": "hdr_integration_key",
     "value": "duointegrationkey"
    },
    {
    "key": "hdr_signing_key",
     "value": "duosecretkey"
    }
    ]
    }
    },
    "resources": {
    "enrollments": {
    "suffix": "/auth/v2/preauth",
    "method": "POST",
    "transform": {
    "outgoing": "{\"body\":jsonToFormURLEncoded({\"username\":body.username}, true), \"skip_authentication\": true, \"header\": header.put(\"date\", formatTime(now, '\''02 Jan 06 15:04 -0700'\'')).put(\"content-type\", \"application/x-www-form-urlencoded\").put(\"accept\", \"application/json\").put(\"authorization\", \"Basic \" + joinStrings([authentication_header.hdr_integration_key, hmacSha1(joinStrings([formatTime(now, '\''02 Jan 06 15:04 -0700'\''),method.toUpper(), host, path.toLower(), jsonToFormURLEncoded({\"username\":body.username}, true)], \"\\n\"), authentication_header.hdr_signing_key)], \":\").base64Encode())}",
    "incoming": "{\"body\": has(body.response) && has(body.response.devices) ? body.response.devices.map(d, d.capabilities.filter(c, c != \"auto\").map(c, {\"id\": d.device, \"capability\": c == \"mobile_otp\" ? \"hotp\" : c == \"sms\" ? \"smsotp\" : c, \"attributes\": {\"deviceName\": has(d.name) ? d.name : \"\", \"deliveryAddress\": has(d.number) ? d.number : \"\", \"authExecutionFlow\": c == \"mobile_otp\" ? \"validate\" : c == \"push\" ? \"init_then_poll\" : \"init_then_validate\"}})).flatten() : []}"
    }
    },
    "initiate": {
    "suffix": "/auth/v2/auth",
    "method": "POST",
    "transform": {
    "outgoing": "{\"body\":jsonToFormURLEncoded({\"async\":\"1\", \"device\":body.id, \"factor\": body.capability == \"smsotp\" ? \"sms\" : body.capability, \"username\":body.attributes.username}, true), \"skip_authentication\": true, \"header\": header.put(\"date\", formatTime(now, '\''02 Jan 06 15:04 -0700'\'')).put(\"content-type\", \"application/x-www-form-urlencoded\").put(\"accept\", \"application/json\").put(\"authorization\", \"Basic \" + joinStrings([authentication_header.hdr_integration_key, hmacSha1(joinStrings([formatTime(now, '\''02 Jan 06 15:04 -0700'\''),method.toUpper(), host, path.toLower(), jsonToFormURLEncoded({\"async\":\"1\", \"device\":body.id, \"factor\": body.capability == \"smsotp\" ? \"sms\" : body.capability, \"username\":body.attributes.username}, true)], \"\\n\"), authentication_header.hdr_signing_key)], \":\").base64Encode())}",
    "incoming": "{\"body\": has(body.response) && has(body.response.txid) ? {\"transactionId\": body.response.txid, \"status\": \"PENDING\"} : {\"status\": \"FAILED\"}}"
    }
    },
    "validate": {
    "suffix": "/auth/v2/auth",
    "method": "POST",
    "transform": {
    "outgoing": "{\"body\":jsonToFormURLEncoded({\"factor\": \"passcode\", \"passcode\": body.attributes.passvalue, \"username\":body.attributes.username}, true), \"skip_authentication\": true, \"header\": header.put(\"date\", formatTime(now, '\''02 Jan 06 15:04 -0700'\'')).put(\"content-type\", \"application/x-www-form-urlencoded\").put(\"accept\", \"application/json\").put(\"authorization\", \"Basic \" + joinStrings([authentication_header.hdr_integration_key, hmacSha1(joinStrings([formatTime(now, '\''02 Jan 06 15:04 -0700'\''),method.toUpper(), host, path.toLower(), jsonToFormURLEncoded({\"factor\": \"passcode\", \"passcode\": body.attributes.passvalue, \"username\":body.attributes.username}, true)], \"\\n\"), authentication_header.hdr_signing_key)], \":\").base64Encode())}",
    "incoming": "{\"body\": has(body.response) && has(body.response.result) ? {\"status\": body.response.result == \"allow\" ? \"SUCCESS\" : \"FAILED\", \"attributes\": body.response} : {\"status\": \"FAILED\"}}"
    }
    },
    "hotp_1": {
    "suffix": "/auth/v2/auth",
    "method": "POST",
    "transform": {
    "outgoing": "{\"body\":jsonToFormURLEncoded({\"factor\": \"passcode\", \"passcode\": body.attributes.passvalue, \"username\":body.attributes.username}, true), \"skip_authentication\": true, \"header\": header.put(\"date\", formatTime(now, '\''02 Jan 06 15:04 -0700'\'')).put(\"content-type\", \"application/x-www-form-urlencoded\").put(\"accept\", \"application/json\").put(\"authorization\", \"Basic \" + joinStrings([authentication_header.hdr_integration_key, hmacSha1(joinStrings([formatTime(now, '\''02 Jan 06 15:04 -0700'\''),method.toUpper(), host, path.toLower(), jsonToFormURLEncoded({\"factor\": \"passcode\", \"passcode\": body.attributes.passvalue, \"username\":body.attributes.username}, true)], \"\\n\"), authentication_header.hdr_signing_key)], \":\").base64Encode())}",
    "incoming": "{\"body\": has(body.response) && has(body.response.result) ? {\"status\": body.response.result == \"allow\" ? \"SUCCESS\" : \"FAILED\", \"attributes\": body.response} : {\"status\": \"FAILED\"}}"
    }
    },
    "result": {
    "suffix": "/auth/v2/auth_status",
    "method": "GET",
    "transform": {
    "outgoing": "{\"query\": {\"txid\": body.transactionId}, \"skip_authentication\": true, \"header\": header.put(\"date\", formatTime(now, '\''02 Jan 06 15:04 -0700'\'')).put(\"content-type\", \"application/x-www-form-urlencoded\").put(\"accept\", \"application/json\").put(\"authorization\", \"Basic \" + joinStrings([authentication_header.hdr_integration_key, hmacSha1(joinStrings([formatTime(now, '\''02 Jan 06 15:04 -0700'\''),method.toUpper(), host, path.toLower(), jsonToFormURLEncoded({\"txid\": body.transactionId}, true)], \"\\n\"), authentication_header.hdr_signing_key)], \":\").base64Encode())}",
    "incoming": "{\"body\": has(body.response) && has(body.response.result) ? {\"status\": body.response.result == \"allow\" ? \"SUCCESS\" : body.response.result == \"waiting\" || (body.response.result == \"deny\" && body.response.status == \"sent\") ?\"PENDING\" : body.response.status == \"timeout\" ? \"TIMEOUT\" : \"FAILED\", \"attributes\": body.response} : {\"status\": \"FAILED\"}}"
    }
    }
    },
    "purpose": ["external_mfa"]
    }'
    instead of getting the Webhook ID in the response I am getting the following response:

    <!DOCTYPE html>

    <html>

    <body>

    <div id="ticker"></div>

    <script>

    (function (w) {

    w.URLSearchParams = w.URLSearchParams || function (searchString) {

    var self = this;

    self.searchString = searchString;

    self.get = function (name) {

    var results = new RegExp('[\?&]' + name + '=([^&#]*)').exec(self.searchString);

    if (results == null) {

    return null;

    }

    else {

    return decodeURI(results[1]) || 0;

    }

    };

    }

    })(window)

    var authMethod = "Unknown";

    if (location.pathname == "/") {

    location.href = "/idaas/mtfim/sps/idaas/login?runtime=true";

    } else {

    var queryIndex = location.href.indexOf("?");

    if (queryIndex == -1) {

    var targetQParam = "Target=" + encodeURIComponent(location.href)

    location.href = "/idaas/mtfim/sps/idaas/login?runtime=true&" + targetQParam;

    } else {

    var query = location.href.substring(queryIndex + 1);

    if (query.search("Target=") != -1) {

    location.href = "/idaas/mtfim/sps/idaas/login?" + query;

    } else {

    var targetQParam = "Target=" + encodeURIComponent(location.href);

    var themeId = ""

    if (query.search("themeId") != -1) {

    themeId = "&themeId=" + new URLSearchParams(location.search).get('themeId');

    }

    var lang = ""

    if (query.search("lang") != -1) {

    lang = "&lang=" + new URLSearchParams(location.search).get('lang');

    }

    location.href = "/idaas/mtfim/sps/idaas/login?runtime=true&" + targetQParam + themeId + lang;

    }

    }

    }

    </script>

    </body>

    </html>

    Could you please review my request and see what's wrong and why I am not able to create a realtime webhook?  Please let me know if any additional information is needed.



    ------------------------------
    Narayan Verma
    ------------------------------