fusionauth-issues
fusionauth-issues copied to clipboard
FusionAuth
Add ability to pass value from login form to webhook
Add ability to pass value from login form to webhook
Problem
I want to be able to pass some value from the login theme to a backend webhook (login success in particular). This is useful for metrics and tracking.
Solution
Add an additional parameter provided on the hosted login pages that gets passed through to the webhook login success event.
Alternatives/workarounds
Option 1.
Fire off a request to a javascript API (custom) with the login info, timestamp, and the tracking id when the user logs in. Then the login webhook code could access that datastore and correlate with the email address and timestamp.
Option 2.
Add a hidden field for metaData.device.description and it will come through on the event.
Example:
<input type="hidden" name="metaData.device.description" value="cid:abc123"/>
Event output:
{
"event": {
"info": {
"deviceDescription": "cid:abc123"
}
}
}
Note: If the user gets logged in via an SSO session (e.g., they're logged in to another application), the form isn't submitted. But the parameter can be passed along as a query parameter in the request to the login page, e.g. ,/oauth2/authorize?metaData.device.description=cid%3Aabc123...), then it will be passed along in the webhook event.
Additional context
This was a customer request.
Related
- https://github.com/FusionAuth/fusionauth-issues/issues/946
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
Does this apply to user creation and registration as well?
We need to be able to uniquely identify from which website (TLD) a user registered. Is there no way to access any of these things in webhooks?
- OAuth state
- Redirect URI
- Arbitrary value sent with authorization request
@glen-84 other than the workarounds mentioned above, nope, you can't access what you mentioned via the webhook. For user creation/registration you could leverage one of the user form fields (either a standard one or, if you have a paid license, a custom one) and inject that info there. That's probably more straightforward than the login example.
Please upvote the issue if you'd like to see it implemented.
@mooreds,
Thanks for the reply.
I don't suppose there's any way to fill a hidden form field with a value from the query string? Edit: Ah, I suppose we could use JavaScript in the template to take the value from the QS.
I need to check what other data is available in the registration form template.
The only other (hacky) solution that I can think of is to use a localized message to set the value of the form field, so it'd vary depending on the locale of the user.
We're in the process of evaluating FusionAuth (for Business Cloud + Community Edition), and this and #1674 are the most important issues for us at this point. Edit: To clarify, we don't expect #1674 to be resolved any time soon, and have started to implement the code ourselves. It's just that it would have saved us a fair bit of time + possibly been more secure if it was provided by the official libraries.
Please upvote the issue if you'd like to see it implemented.
I will do, but would you consider making it more generic, or including our use case?
Ah, I suppose we could use JavaScript in the template to take the value from the QS.
That is what I was going to recommend :)
I will do, but would you consider making it more generic, or including our use case?
Maybe this would be better tracked as a separate issue. Would you consider filing a new issue that outlines exactly what you'd like (feel free to reference this one). It means more coming from a user than me guessing what you'd like, tbh.
Maybe this would be better tracked as a separate issue
I think it's too similar. The only differences are:
- Instead of it being the login form/page, it'd be the registration form(s)/pages(s). -> Generally, "any of the hosted UI/forms/pages".
- Instead of including the value in the login success hook, it'd be another hook like "User Create". -> Generally, "the webhooks associated with the form".
I'll upvote this issue regardless.
@mooreds Is metaData.device.description never set by FusionAuth?
Edit: After writing the code for this, I realized that the query parameters are lost after signing in via a social provider, and while I could probably replace the code in Redirect.js with simple links, it's getting a bit messy, and I think we'll just capture this information in a second step on our website/app for now. Please keep this use case in mind (passing the value through the social flow as well) when implementing this feature.
We should also consider how we pass info from registration workflows to a webhook. It's adjacent but would be nice to start on a register page, pass in data to this page, and then have this data sent to a webhook if the user registers via adv. reg forms or if they register via an Upstream IdP (Google, Facebook, etc).
This is related to a customer request as well.
