Okta

Auth0 Log Events

Sync Type: Incremental

Overview

This source connector fetches log event entries from the Auth0 Management API.

Auth0 log events capture critical security and operational data including:

User authentication attempts (successful logins, failed attempts, password resets).
API access patterns and authorization decisions.
Administrative actions performed in your Auth0 dashboard.
System events and configuration changes.
Security incidents such as blocked IPs or suspicious activities.

Prerequisites

An account Auth0 portal.
A Machine-to-Machine type application created on Auth0 portal. Click here to see the steps required to create one.

Limitations

This input is restricted by rate limits.

Permissions

On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.
Click on APIs tab. Expand the Auth0 Management API option by clicking arrow icon located on extreme right.
In the permissions section, search and select the following permissions -
- read

Authentication

The following authentication options are supported by this input:

Authentication Method	Documentation
Client ID and Client Secret (confidential applications)	API Token Authentication
OAuth2 access tokens	OAuth access token authentication

Get the credentials

On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.
Copy the Client ID.
Head over to Settings tab and copy the Domain value.
Head over to Credentials tab and copy the Client Secret value.

Generate Management API Access Token (If using OAuth2 Access Token Authentication)

To ask Auth0 for a Management API v2 token, perform a POST operation to the https://{yourDomain}/oauth/token endpoint, using the credentials of the Machine-to-Machine Application you created in the prerequisite step.

The payload should be in the following format -

Code
curl --request POST \
--url 'https://{yourDomain}/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data 'client_id={yourClientId}' \
--data 'client_secret={yourClientSecret}' \
--data 'audience=https://{yourDomain}/api/v2/'

Replace yourDomain, yourClientId and yourClientSecret with the credentials collected in Get the Credentials section.

The response will contain a signed JWT, an expiration time, the scopes granted, and the token type.
```
Code
{
    "access_token": "eyJ...Ggg",
    "expires_in": 86400,
    "scope": "read:clients create:clients read:client_keys",
    "token_type": "Bearer"
}
```
- Provide this access token to the Access Token field in the Configuration of this input.

Configuration

Settings

Setting	Type	Required	Description
Base URL	string	true	Base URL for the Auth0 management console. For example - https://demo.us.auth0.com/
Authentication Type	string	true	Authentication Type used by the input
Audience	string	true	Example - https://demo-dev.us.auth0.com/api/v2/

Secrets

Secret	Type	Required	Description
Client ID	string	true	Auth0 application's Client ID.
Client Secret	string	true	Auth0 application's Client secret.
Access Token	string	true	Auth0 Management API Access Token.

Sample Audit Log


Code
{
        "date": "2023-02-11T11:15:36.961Z",
        "type": "test",
        "description": "",
        "connection_id": "",
        "client_id": "abcd",
        "client_name": "Test App",
        "ip": "127.0.0.1",
        "client_ip": "127.0.0.1",
        "user_agent": "Test User Agent",
        "hostname": "demo-dev.us.auth0.com",
        "user_id": "",
        "user_name": "",
        "audience": "https://demo-dev.us.auth0.com/mock/",
        "scope": "read",
        "$event_schema": {
            "version": "1.0"
        },
        "environment_name": "test-env",
        "log_id": "12345",
        "tenant_name": "demo-dev",
        "_id": "12345",
        "isMobile": false,
        "location_info": {}
    }

Last modified on May 19, 2026

Auth0 Log Events Stream Event Hooks

Overview

This source connector fetches log event entries from the Auth0 Management API.

Auth0 log events capture critical security and operational data including:

User authentication attempts (successful logins, failed attempts, password resets).

API access patterns and authorization decisions.

Administrative actions performed in your Auth0 dashboard.

System events and configuration changes.

Security incidents such as blocked IPs or suspicious activities.

Permissions

On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.

Click on APIs tab. Expand the Auth0 Management API option by clicking arrow icon located on extreme right.

In the permissions section, search and select the following permissions -

read

Authentication Method

Documentation

Client ID and Client Secret (confidential applications)

API Token Authentication

OAuth2 access tokens

OAuth access token authentication

Get the credentials

On the left navigation bar click on Applications under Applications menu, it will open up the Application's page.

Copy the Client ID.

Head over to Settings tab and copy the Domain value.

Head over to Credentials tab and copy the Client Secret value.

Generate Management API Access Token (If using OAuth2 Access Token Authentication)

To ask Auth0 for a Management API v2 token, perform a POST operation to the https://{yourDomain}/oauth/token endpoint, using the credentials of the Machine-to-Machine Application you created in the prerequisite step.

The payload should be in the following format -

Code
curl --request POST \
--url 'https://{yourDomain}/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data 'client_id={yourClientId}' \
--data 'client_secret={yourClientSecret}' \
--data 'audience=https://{yourDomain}/api/v2/'

Replace yourDomain, yourClientId and yourClientSecret with the credentials collected in Get the Credentials section.

The response will contain a signed JWT, an expiration time, the scopes granted, and the token type.

Code
{
    "access_token": "eyJ...Ggg",
    "expires_in": 86400,
    "scope": "read:clients create:clients read:client_keys",
    "token_type": "Bearer"
}

Provide this access token to the Access Token field in the Configuration of this input.

Configuration

Settings

Setting

Type

Required

Description

Base URL

string

true

Base URL for the Auth0 management console. For example - https://demo.us.auth0.com/

Authentication Type

string

true

Authentication Type used by the input

Audience

string

true

Example - https://demo-dev.us.auth0.com/api/v2/

Secrets

Secret

Type

Required

Description

Client ID

string

true

Auth0 application's Client ID.

Client Secret

string

true

Auth0 application's Client secret.

Access Token

string

true

Auth0 Management API Access Token.

Sample Audit Log

Code

{
        "date": "2023-02-11T11:15:36.961Z",
        "type": "test",
        "description": "",
        "connection_id": "",
        "client_id": "abcd",
        "client_name": "Test App",
        "ip": "127.0.0.1",
        "client_ip": "127.0.0.1",
        "user_agent": "Test User Agent",
        "hostname": "demo-dev.us.auth0.com",
        "user_id": "",
        "user_name": "",
        "audience": "https://demo-dev.us.auth0.com/mock/",
        "scope": "read",
        "$event_schema": {
            "version": "1.0"
        },
        "environment_name": "test-env",
        "log_id": "12345",
        "tenant_name": "demo-dev",
        "_id": "12345",
        "isMobile": false,
        "location_info": {}
    }

Auth0 Log Events

Overview

Prerequisites

Limitations

Permissions

Authentication

Get the credentials

Generate Management API Access Token (If using OAuth2 Access Token Authentication)

Configuration

Settings

Secrets

Sample Audit Log

Related Articles

Auth0 Log Events

Overview

Prerequisites

Limitations

Permissions

Authentication

Get the credentials

Generate Management API Access Token (If using OAuth2 Access Token Authentication)

Configuration

Settings

Secrets

Sample Audit Log

Related Articles