Create a Trigger Connection Definition to Invoke Protected Endpoints

This topic describes how to implement a trigger connection that can invoke protected endpoints.

Before you start implementing a trigger connection to invoke protected endpoints, collect and note the following information:

  • Check the webhook producer documentation for information on webhook protection. Identify the relevant trigger policy and its configuration.
  • Check how the endpoints are protected. Identify the required invoke or action policies and related configuration.
  1. In VS Code, click Explorer Explorer icon on the sidebar.
    The directory structure of your workspace folder is displayed.
  2. Within the definitions directory listing, click the adapter definition document that you want to work on.
    The document is displayed in the VS Code editor.
  3. Expand the connection section in the document.
  4. In the securityPolicies object, set the following values:
    • Set the scope to TRIGGER.
    • Set the type as composite.
    • Configure policyInbound and policyOutbbound with the actual policy information.

Sample Code

In this example:
  • Outbound uses the authorization code policy.
  • Inbound uses the JWT validation policy.
  • Outbound extension is defined at composite policy level.
{
       "type": "composite",
       "description": "This policy is used by OIC for validating incoming requests as well as for invoking Pub/Sub APIs",
       "displayName": "Pub/Sub security policy",
       "scope": "TRIGGER",
       "policyOutbound": {
         "type": "managed",
         "policy": "OAUTH_AUTHORIZATION_CODE_CREDENTIALS",
         "securityProperties": [
           {
             "name": "oauth.client.id",
             "displayName": "PubSub Client ID",
             "description": "PubSub Client ID",
             "shortDescription": "Example: 35532456156-jdek24mdmlqutog3gnc3rfqqhdleori19r",
             "required": true,
             "hidden": false
           },
           {
             "name": "oauth.client.secret",
             "displayName": "PubSub Client Secret",
             "description": "PubSub Client Secret",
             "shortDescription": "Example: GOCDPX-gBQdjnPG4Hdi940zJCuksUPXWer4",
             "required": true,
             "hidden": false
           },
           {
             "name": "oauth.access.token.uri",
             "default": "https://oauth2.PubSub.com/token",
             "required": false,
             "hidden": true
           },
           {
             "name": "oauth.scope",
             "default": "https://www.PubSub.com/auth/pubsub",
             "required": false,
             "hidden": true
           },
           {
             "name": "oauth.auth.code.uri",
             "default": "https://accounts.PubSub.com/o/oauth2/auth",
             "required": false,
             "hidden": true
           },
           {
             "name": "clientAuthentication",
             "default": "client_credentials_in_body",
             "required": false,
             "hidden": true
           }
         ]
       },
       "policyInbound": {
           "type": "managed",
           "policy": "JWT_VALIDATION",
           "securityProperties": [
               {
                   "name": "subjectClaim",
                   "displayName": "Subject claim Override",
                   "hidden": true,
                   "required": false,
                   "default": ""
               },
               {
                   "name": "jwtToken",
                   "displayName": "JWT Token",
                   "hidden": true,
                   "required": true,
                   "default": "${.request.headers.authorization|split(\" \")|.[1]}"
               },
               {
                   "name": "signatureKey",
                   "displayName": "JWK URL",
                   "hidden": true,
                   "required": true,
                   "default": "https://www.PubSub.com/oauth2/v3/certs"
               },
               {
                   "name": "customClaimsValidation",
                   "displayName": "Custom Claims Validation",
                   "hidden": true,
                   "required": false,
                   "default": ""
               }
           ]
       }
     }