Okta
Auth0 Log Events
Sync Type: Incremental
Overview
This source connector fetches log event entries from the Auth0 Management API.
Auth0 log events capture critical security and operational data including:
- User authentication attempts (successful logins, failed attempts, password resets).
- API access patterns and authorization decisions.
- Administrative actions performed in your Auth0 dashboard.
- System events and configuration changes.
- Security incidents such as blocked IPs or suspicious activities.
Prerequisites
- An account Auth0 portal.
- A Machine-to-Machine type application created on Auth0 portal. Click here to see the steps required to create one.
Limitations
- This input is restricted by rate limits.
Permissions
- On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.
- Click on APIs tab. Expand the Auth0 Management API option by clicking arrow icon located on extreme right.
- In the permissions section, search and select the following permissions -
- read
- read
Authentication
The following authentication options are supported by this input:
| Authentication Method | Documentation |
|---|---|
| Client ID and Client Secret (confidential applications) | API Token Authentication |
| OAuth2 access tokens | OAuth access token authentication |
Get the credentials
- On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.
- Copy the Client ID.
- Head over to Settings tab and copy the Domain value.
- Head over to Credentials tab and copy the Client Secret value.
Generate Management API Access Token (If using OAuth2 Access Token Authentication)
- To ask Auth0 for a Management API v2 token, perform a POST operation to the
https://{yourDomain}/oauth/tokenendpoint, using the credentials of the Machine-to-Machine Application you created in the prerequisite step. - The payload should be in the following format -
Replace yourDomain, yourClientId and yourClientSecret with the credentials collected inCodeGet the Credentialssection. - The response will contain a signed JWT, an expiration time, the scopes granted, and the token type.
Code
- Provide this access token to the Access Token field in the Configuration of this input.
Configuration
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Base URL | string | true | Base URL for the Auth0 management console. For example - https://demo.us.auth0.com/ |
| Authentication Type | string | true | Authentication Type used by the input |
| Audience | string | true | Example - https://demo-dev.us.auth0.com/api/v2/ |
| API Rate Limit | object | No | Optional limit on the connector's outbound request rate to the source API. Leave blank to use the connector's default behavior. See API Rate Limiting for the field format, limits, and how to choose a value. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| Client ID | string | true | Auth0 application's Client ID. |
| Client Secret | string | true | Auth0 application's Client secret. |
| Access Token | string | true | Auth0 Management API Access Token. |
Sample Audit Log
Code
Related Articles
Last modified on