FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    API-call to FusionAuth in webhook times out when 'all hooks must succeed'

    Scheduled Pinned Locked Moved
    Q&A
    0
    3
    454
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      appeal
      last edited by

      We have a Salesforce-backend that administers which voluntary-roles members of our organization have. For example:

      User X

      • Is treasurer for department Y
      • Is webmaster for department Z

      These organization-specific roles we'd like to link to roles in FusionAuth-registrations.

      The way we've implemented this now is via webhooks on a user.login.success – there's some logic in the webhook that fetches the Salesforce-user, links the voluntary-roles to the application-roles and updates the registration through a FusionAuth-API-call. In the following SAML or OpenID steps the roles are returned accordingly.

      This works mostly fine, unless we set the transaction setting to 'all hooks must succeed'. Then the request tends to time out when trying the API-call. I can imagine some technical reasons for this (on the FusionAuth-side), as we are updating the authentication / authorization-state as it's happening. Perhaps the way we're trying to implement the (JIT) role-synchronization is not ideal, but we want to keep our source of truth contained on the Salesforce-end and this is where we're at now. I don't believe we can use connectors, as we don't have password hashes in the Salesforce-backend and in Salesforce the authorizations regularly change, so interval-synchronization of all our FusionAuth-users is also something we'd like to prevent.

      Would love some thoughts, thanks in advance!

      1 Reply Last reply Reply Quote 0
      • joshuaJ
        joshua
        last edited by

        @appeal,

        Just a quick thought - could you increase the timeout values to better allow the sync that you are looking for?

        https://fusionauth.io/docs/v1/tech/events-webhooks/

        Thanks,
        Josh

        1 Reply Last reply Reply Quote 0
        • A
          appeal
          last edited by

          The timeout is already really high (10 seconds). I can see in the logs of my webhook that I get a timeout in the api call to FusionAuth. It feels like a race condition.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post