GithubHelp home page GithubHelp logo

serverless-onelogin-slack's Introduction

serverless-onelogin-slack

This is a sample app based on the Serverless.com framework that will catch webhooks from OneLogin and post notifications to Slack if a high risk login is detected.

It gets events from OneLogin via Webhooks API aka Event Broadcaster. You can read more about webhooks in the OneLogin developer docs.

You could easily adapt this project to perform different actions based on different event types. The main code can be found in src/handler.js and configuration variables in src/serverless.yaml

Setup

To run this sample you will need an AWS account setup with credentials saved that have access to create/manage API Gateway and Lambda functions.

Slack

You will also need a Slack account with an Incoming Webhook setup. You can add one to your Slack account here. Once you have your Incoming Webhook setup grab the Webhook Url that they issue you. e.g. Something like this https://hooks.slack.com/services/xxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx

Serverless

Then you need to have Serverless installed on your local machine. It takes a couple of seconds/minutes to setup. Follow these instructions to get started.

Once you have serverless installed. Pull this repo and go to the src/serverless.yml file.

git clone [email protected]:onelogin/serverless-onelogin-slack.git

You will want to change the SLACK_CHANNEL and SLACK_PATH to the values that you have just setup and obtained from your Incoming Slack webhook.

Now from the command line move into the src directory and run the following:

cd src
serverless deploy

If you have your AWS credentials correct, Serverless will now package and deploy your function. It's pretty quick.

Once that is deployed, run the following to get the POST endpoint for your newly created function.

serverless info

OneLogin Event Broadcaster

Lastly, you will use the endpoint url to register against an Event Broadcaster in your OneLogin account. Do this via the OneLogin Admin portal in the Activity > Event Broadcaster area. Set the Listener Url using your serverless endpoint url and change the Format to JSON Array.

Risky Events

This sample has been configured to post notifications based on the risk_score property of the events webhook payload. This property will only be populated if you have Adaptive MFA enabled on a User Policy in your OneLogin account.

serverless-onelogin-slack's People

Contributors

richet avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.