Name: auth0-management-api-webhooks
Owner: Auth0
Description: An Auth0 extension that provides a webhook functionality to Auth0's Management API
Created: 2016-02-10 23:51:20.0
Updated: 2018-05-10 16:19:39.0
Pushed: 2018-05-24 10:34:17.0
Homepage: null
Size: 158
Language: JavaScript
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Auth0 Management API Webhooks allows you to enable webhooks for Auth0's Management API. It will go through the audit logs and call a webhook for specific events. This can address use cases like:
I want to call my own API each time a user is created or updated.
I want to deprovision users from other systems whenever they are deleted in Auth0.
If you haven't configured Webtask on your machine run this first:
m i -g wt-cli
init
Requires at least node 0.10.40 - if you're running multiple version of node make sure to load the right version, e.g. “nvm use 0.10.40”
To run it on a schedule (run every 5 minutes for example):
m run build
cron schedule \
--name auth0-webhooks \
--secret AUTH0_DOMAIN="YOUR_AUTH0_DOMAIN" \
--secret AUTH0_GLOBAL_CLIENT_ID="YOUR_AUTH0_GLOBAL_CLIENT_ID" \
--secret AUTH0_GLOBAL_CLIENT_SECRET="YOUR_AUTH0_GLOBAL_CLIENT_SECRET" \
--secret AUTH0_API_ENDPOINTS="users,connections" \
--secret WEBHOOK_URL="http://my.webhook.url/something" \
--secret WEBHOOK_CONCURRENT_CALLS="10" \
--json \
"*/5 * * * *" \
./build/bundle.js
You can get your Global Client Id/Secret here: https://auth0.com/docs/api/v2
The following settings are optional:
AUTH0_API_ENDPOINTS
: This allows you to filter specific API endpoints, comma delimited (eg: I'm only interested in events happening on the users
endpoint)WEBHOOK_CONCURRENT_CALLS
: Defaults to 5, these are the maximum concurrent calls that will be made to your web hookThis webtask will process the Auth0 audit logs. Calls to the Management API (v2) are logged there and will be picked up by the webtask. These will then optionally be filtered (eg: only calls to the users
endpoint) and will then be sent to your Webhook URL (POST).
Note that, if the URL we are sending the events to is offline or is returning anything that is not 200 OK (eg: Internal Server Error) processing will stop and the batch of logs will be retried in the next run. This means 2 things:
To test this you could easily setup an endpoint on http://requestb.in/
and use that as a Webhook URL. This will allow you to see the Webtask in action:
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Auth0 helps you to:
This project is licensed under the MIT license. See the LICENSE file for more info.