Skip to main content

Auth0

Visualize Auth0 clients and users, map Auth0 users to employees, and monitor changes through queries and alerts.

Installation

To install this integration, you will need to configure settings both within Auth0 and on JupiterOne. Before enabling in JupiterOne, ensure that you complete the setup within your Auth0 dashboard.

Configuration on Auth0

note

An Auth0 Machine-to-Machine app's Domain, Client ID, and Client Secret are required for the JupiterOne integration to interact with Auth0.

In order to obtain your app's credentials for the integration, an administrator of the Auth0 account will need to create a new App within your Auth0 dashboard.

To create a new Auth0 app for use with JupiterOne:

  1. Navigate to the Auth0 dashboard.
  2. Within the Applications section, select Applications.
  3. Create a new Machine-to-Machine application and enable the app to use the Auth0 Management API or select your desired API.
  4. In the API permissions, select read:users ,read:roles,read:resource_servers and read:clients and click Authorize.
  5. Navigate to the newly created app's Settings to retrieve the Domain, Client ID, and Client Secret.
info

For more information, refer to Auth0's documentation for creating a machine-to-machine app or for accessing the app's settings.

Configuration in JupiterOne

To install the Auth0 integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Auth0. Click New Instance to begin configuring the integration.

Creating an Auth0 instance requires the following:

  • The Account Name used to identify the Auth0 account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • Enter the Auth0 Client ID for the Machine-to-Machine application designated for JupiterOne's use.

  • Enter the Auth0 Client Secret for the Machine-to-Machine application designated for JupiterOne's use.

  • Enter the Auth0 Domain for your Auth0 tenant. Format is typically {YOURDOMAIN}.{REGION}.auth0.com. Do not include https://. If you are using a custom domain (e.g. 'mycustomdomain.com'), you can use it here.

  • Enter the Auth0 Audience for your Auth0 tenant, which points to the specific API you will be using. Format must be an auth0.com subdomain, followed by /api/{version}/. Examples might be https://{YOURDOMAIN}.{REGION}.auth0.com/api/v2/ or https://{YOURDOMAIN}.auth0.com/api/v2/.

    note

    Even if you are using a custom domain with Auth0, you need to use your default Auth0 tenant domain here. Also, the trailing slash is necessary.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.