# Hook Bridge
## Requirements
Linux Control Center = 2.10.X or higher
## Overview
The LCC *Hook Bridge* is a feature that allows the automated execution of Actions on specific networks through Web requests. Each request contains an authorization **Token** that defines which Actions will be executed and on which network (CIDR). These actions are pre-configured at the time of Token creation, ensuring that only authorized *Actions* are executed.
The *Hook Bridge* is also used to facilitate integrations with the Linux Control Center. Serving as an access point, this feature allows the user to execute pre-configured actions on the LCC without needing to be logged in to the Console, while still ensuring high traceability of the flow and multiple options for monitoring the execution.
1. See the operating flow of the **Hook Bridge** with *Propagation Action* from BeyondTrust Password Safe.
## Objective
The objective of this document is to provide step-by-step instructions and demonstrate the use of the **Hook Bridge** functionality of the Linux Control Center.
## Hook Bridge Token
1. Access the **Hook Bridge** screen on the left side menu.
2. Click **Create**.
3. Fill in the **Name** field.
4. Choose the **CIDR** registered in the LCC database.
**Name**: Name to identify the *Hook Bridge*.\
**CIDRs**: Defines which IP address range (CIDR) the Token will have access to in order to execute the *Actions*.
5. It is also possible to create a new **CIDR**, to do so, click on the **+** sign
6. Fill in the required fields, being;
**Name:** Name to identify the *CIDR.*\
**CIDR:** Enter the IP address range followed by the network mask. Ex: 192.168.0.0/24
1. Click **Save**.
2. Set the *Action* in the **Action** field
* **Action**: Defines which *Action* the *Token* will be allowed to execute.
1. Choose the *Token* login method in the *Login Type* field.
* **Login Type**: Defines the *Token* authentication type, whether it will be *Request Credential* or *System Configuration*.
* Difference between Login Type *System Configuration* and *Request Credential*.
{% hint style="info" %}
When selecting **Request Credentials** as the login type, the request must **mandatory** contain the username and password with access permission to the target Host, along with the *Token*, serving as double authentication.
With the **System Configuration** option, the user can execute the configured Action only with the *Token* as authentication.
{% endhint %}
1. Check if the fields were filled in correctly and click **Save**.
## Request Parameters
* The *Token* serves to limit which *Action* will be executed and to perform authentication, but does not define on which *Host* the Action will be executed. To define the Host, the LCC provides some parameters that allow you to configure the request as needed.
{% hint style="info" %}
The request URL must contain Host and/or Hostname to define which Host the Action will be executed on. When only one of them is sent, the search will be performed using the parameter provided.
If both parameters are provided, the search will be performed using both. This means that if the *Hostname* is not associated with the *Host* parameter provided, the match will not be made, and the request will return an error informing what happened.
{% endhint %}
### Login Type *Request Configuration*
* See how to assemble a request with Login Type *Request Configuration*. **Note: Always use the & sign to join each argument.**
*Login Type Request Configuration Arguments:*
* **token:** Token that was generated in the LCC Console.
* **username:** User used to log in to the Host.
* **password:** Password used to log in to the Host.
* **host:** IPV4 address of the host where the Action will be executed.
* **hostname:** Hostname of the host where the Action will be executed.
1. The request must start with the **IP Address** or **Hostname** of the Linux Control Center
* https\://**lcc\_ip\_or\_hostname**/
1. Then, insert the API endpoint */api/v2/hook\_bridge/request/action/*
* \*\*
1. After placing the endpoint, place the Hook Bridge **ID** with the **?** sign right after it. The ID is availableavailable in the Hook Bridge *ID* field.
* ?\*\*
1. Set the IP address in the **host=** parameter and/or the **hostname=** of the Host where the action will be executed.
* \*\*
* \*\*
1. Define the authentication arguments **\&username=** and **\&password=** that will be responsible for logging into the server where the actions will be executed.
* \*\*
1. Define the *Token* of the request with the **\&token=** parameter
* The *Token* field is obtained from the **Token** field on the Hook Bridge screen.
* \*\*
1. See the example of a complete *Request Configuration* request with the **curl** utility:
* Windows Terminal: **curl.exe -k ""**
* Linux Terminal: **curl -k ""**
### Login Type *System Configuration*
* See how to assemble a request with Login Type *System Configuration*. **Note: always use the & sign to join each of the arguments.**
* *Login Type System Configuration Arguments:*
* **token:** Token that was generated in the LCC Console.
* **host:** IPV4 address of the host where the Action will be executed.
* **hostname:** Hostname of the host where the Action will be executed.
> Note that the only difference is that the Login Type *System Configuration* does not need the *username and password* arguments
1. The request must start with the **IP Address** or **Hostname** of the Linux Control Center
* https\://**lcc\_ip\_or\_hostname**/
1. Then, insert the API endpoint */api/v2/hook\_bridge/request/action/*
* \*\*
1. After setting the endpoint, set the value of the Hook Bridge **ID** with the **?** sign right after it. The ID is available in the Hook Bridge *ID* field.
* ?\*\*
1. Set the IP address in the **host=** parameter and/or the **hostname=** of the Host where the action will be executed.
* \*\*
* \*\*
* See an example of using both arguments simultaneously;
* \*\*
1. Set the request *Token* with the **\&token=** parameter
* \*\*
1. See the example of a complete *System Configuration* request with the **CURL** utility:
* Windows Terminal: **curl.exe -k ""**
* Linux Terminal: **curl -k ""**
### *Custom Script* Action with Login Type *Script Configuration*
{% hint style="info" %}
When selecting the *Script Configuration* option, the login will be performed on the machine according to the settings registered in the *Credential* tab of the *Script*, without needing to inform the Username or Password parameter as the request arg. It is also possible to use the *Login Type* Request Credential.
This Action allows you to use only 1 script for each *Token*, and you can change it whenever necessary.
{% endhint %}
1. Click on **Action** and choose the **Custom Script** option.
2. Click on **Login Type** and choose the **Script Configuration** option
3. Click on **Script** and define which script will be executed by the *Token*
4. Click on **Save**
* *Arguments Login Type Script Configuration ration:*
* **token:** Token that was generated in the LCC Console.
* **host:** IPV4 address of the host where the Action will be executed.
* **hostname:** Hostname of the host where the Action will be executed.
## Request Logs
### Hook Bridge Request
1. Access the Hook Bridge screen
2. Click on the desired Hook Bridge.
3. On this page, you can see the entire execution history for the selected Hook Bridge.
* Host: where the request was executed.
* Status: Result of the request.
* Date and Time of Creation and Last Update.
* Logs: Detailed information about the result of the request.
The **STATUS** field contains an identifier for each step of the process, such as:
* Requested
* Queued
* Executing
* Success
* Error
* No license
* Canceled
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.linuxcontrolcenter.com.br/en/hook-bridge/token-hook-bridge.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.