Auth0

Early Access: This integration is provided as an Open Authorization API (OAA) connector package. Contact our support team for more information.

Auth0 IdP OAA Connector

Overview

The OAA connector for Auth0 populates an OAA Custom Identity Provider with discovered Auth0 Users. These identities can be mapped to other configured Veza data sources (Snowflake, Trino, etc.), or resources in other OAA Custom Applications. ,``` serve as the identity for other applications.

Collected Attributes

Entity Property Value

Entity	Property	Value
User	`is_active`	True if the user is not blocked
User	`nickname`
User	`created_at`
User	`last_login_at`
User	`updated_at`
User	`last_password_reset_at`
User	`mfa_configure`	Is true if Auth0 reports any configured MFA methods
User	`connections`	List of names of applications the user identity is connected to

User

is_active

True if the user is not blocked

User

nickname

User

created_at

User

last_login_at

User

updated_at

User

last_password_reset_at

User

mfa_configure

Is true if Auth0 reports any configured MFA methods

User

connections

List of names of applications the user identity is connected to

Setup Instructions

Auth0

Create a new application
1. Provide the application a name
2. Select "Machine to Machine Applications and click Create
3. Select the Auth0 Management API
4. Add the following permissions:
  1. read:users
  2. read:connections
  3. read:custom_domains
  4. read:mfa_policies
5. Click Authorize to finish creation process
From the newly created Application page not the Domain, Client ID, Client Secret
Under Application Properties ensure that Token Endpoint Authentication Method is set to Post

Veza

Generate an API key for your Veza user. API keys can be managed in the Veza interface under Administration -> API Keys. For detailed instructions consult the Veza User Guide.

Running the connector

Command Line

With Python 3.8+, install the requirements into either a virtual environment or the system.
```
pip3 install -r requirements.txt
```

Set the Veza API key, Auth0 Client ID, and Secret environment variables:

export VEZA_API_KEY=<Veza API key>
export AUTH0_CLIENT_ID=<Auth0 Client ID>
export AUTH0_CLIENT_SECRET=<Auth0 Client Secret>

Run the connector:

./oaa_auth0.py --auth0-domain <https://domain.us.auth0.com> --veza-url <https://yourveza.veaacloud.com>

Parameters

Parameter Environment Variable Name Value

Parameter	Environment Variable Name	Value
`--auth0-domain`	`AUTH0_DOMAIN`	Domain of the auth0 management URL
	`AUTH0_CLIENT_ID`	The Client ID for the Auth0 Application
	`AUTH0_CLIENT_SECRET`	The Client Secret for the Auth0 Application
`--veza-url`	`VEZA_URL`	URL of Veza deployment
	`VEZA_API_KEY`	API key generated for Veza
`--debug`	`n/a`	Optional, enable verbose output and debug information
`--save-json`	`n/a`	Optional, save OAA payload to JSON file locally for debugging

--auth0-domain

AUTH0_DOMAIN

Domain of the auth0 management URL

AUTH0_CLIENT_ID

The Client ID for the Auth0 Application

AUTH0_CLIENT_SECRET

The Client Secret for the Auth0 Application

--veza-url

VEZA_URL

URL of Veza deployment

VEZA_API_KEY

API key generated for Veza

--debug

n/a

Optional, enable verbose output and debug information

--save-json

n/a

Optional, save OAA payload to JSON file locally for debugging

PreviousRunning Veza Scripts with Python NextBitbucket Cloud

Last updated 6 months ago