FusionAuth

    Idp link event not firing - am I doing something wrong?

    • stefan 0

      I am integrating third-party Azure AD IdPs using OIDC as per the instructions here. I have elected to use the link on email strategy with a user that must exist in FusionAuth prior to linking. This works nicely and I can use the API to retrieve the link for a user when I've used Azure AD to authenticate at least once.

      I have also set up a webhook for the user.identity-provider.link event. This works well when tested using the button in the UI, but never seems to fire for the actual live event in the above scenario - my webhook is never called. Below are some screenshots of the webhook configuration. Perhaps someone could verify that I've not missed anything that would explain the absent event?

      Settings -> Webhooks
      webhook-config-1.png

      webhook-config-2.png webhook-config-3.png

      Tenants -> id -> Webhooks
      webhook-config-4.png

      webhook-config-5.png
      I'm not sure this last enablement is required given the global setting, but it doesn't seem to make any difference either way - on or off.

      My FusionAuth version is 1.40.2 running in Docker.

      Thanks in advance for any ideas.

      • joshua

        @stefan-0

        Thanks for the question -- I don't think that this will work in the way that you intend.

        I would have to test to be sure, but if FusionAuth cannot make the user (based on your chosen user provisioning policy), then this user will not be created and thus not linked, and therefore this event will not fire.

        https://fusionauth.io/docs/v1/tech/events-webhooks/events/user-identity-provider-link

        Depending on your desired outcome, it might be best to change your linking strategy (to create this user when linking) and then use user.create webhooks. You could fail this transaction if certain requirements are not met (thus the user will not be created and linked).

        I hope this helps!

        Thanks,
        Josh

        • stefan 0

          Hi Josh,

          Thanks for taking the time to reply. In the scenario outlined I perhaps didn't mention that the users I was expecting the webhook to fire for already existed in FusionAuth prior to Azure AD sign-in. Should I expect the event to trigger in that instance?

          Regards
          Stefan
