You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allow webhooks to return data to be merged and persisted with FusionAuth data
Problem
There is no clean solution for adding data to a user during (not after) the registration process.
Solution
As discussed in #1545, I think that the best solution for solving the issue of adding data to a user or registration during the registration process would be to allow webhooks to return data to be merged into the user or registration object before it is persisted.
An example might look like this:
POST /webhooks/user-create { ... }
Response:
{
"user": {
"data": {
"externalUserId": 123
}
}
}
user.data.externalUserId is then merged into the user data before it is persisted in FusionAuth.
This is not necessarily limited to the user.create webhook, and could apply to any transactional webhook that results in data being persisted.
Validation
Generally, after returning from a transactional webhook, you don't want the action to then fail on the FusionAuth side, as this could result in persisted changes to an external system, without those changes being reflected in FusionAuth.
For this reason, it might be best to only allow basic fields like user.data to be set. Setting a field like email or password from the hook might be possible, but it would also complicate matters, so it should probably be disallowed until there are strong enough use cases.
It would be up to the webhook author to ensure that any data that is set is valid, and failure to do so would result in a failed transaction that cannot be rolled back on the webhook side.
Backward compatibility
It's unlikely that someone is returning data, in this format, from their webhooks. However, it could be put behind a flag (global or per hook) if there are concerns.
Alternatives/workarounds
The solution in #1545, which uses user.registration.create in addition to user.create. This isn't ideal because:
You are required to maintain state between the two webhooks (f.e. knowing the external user ID to store, in the registration hook).
If the registration hook fails, you're left with a user without a registration or the data that you wanted to add to the user.
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
The text was updated successfully, but these errors were encountered:
Allow webhooks to return data to be merged and persisted with FusionAuth data
Problem
There is no clean solution for adding data to a user during (not after) the registration process.
Solution
As discussed in #1545, I think that the best solution for solving the issue of adding data to a user or registration during the registration process would be to allow webhooks to return data to be merged into the user or registration object before it is persisted.
An example might look like this:
POST /webhooks/user-create { ... }Response:
{ "user": { "data": { "externalUserId": 123 } } }user.data.externalUserIdis then merged into the user data before it is persisted in FusionAuth.This is not necessarily limited to the
user.createwebhook, and could apply to any transactional webhook that results in data being persisted.Validation
Generally, after returning from a transactional webhook, you don't want the action to then fail on the FusionAuth side, as this could result in persisted changes to an external system, without those changes being reflected in FusionAuth.
For this reason, it might be best to only allow basic fields like
user.datato be set. Setting a field likeemailorpasswordfrom the hook might be possible, but it would also complicate matters, so it should probably be disallowed until there are strong enough use cases.It would be up to the webhook author to ensure that any data that is set is valid, and failure to do so would result in a failed transaction that cannot be rolled back on the webhook side.
Backward compatibility
It's unlikely that someone is returning data, in this format, from their webhooks. However, it could be put behind a flag (global or per hook) if there are concerns.
Alternatives/workarounds
The solution in #1545, which uses
user.registration.createin addition touser.create. This isn't ideal because:Additional context
See #1545.
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
The text was updated successfully, but these errors were encountered: