When creating an application, all connections seems to be active.
when In the connection settings I didn’t activate any applications.
can someone elaborate on whats going on there?
When creating an application, all connections seems to be active.
when In the connection settings I didn’t activate any applications.
can someone elaborate on whats going on there?
Hey @danielr
It’s default behaviour:
" By default, Auth0 enables all connections associated with your tenant when you create a new application. To change this, update application connections in the Application Settings in the Dashboard."
Hope this helps
Thanks for your reply,
Can we disable this default behaviour?
I’ts a security issue allowing unwanted connection to pass to an app.
how can we disable it? whats the best practice here?
Hey @danielr,
You should be able to turn off this behaviour in your tenant settings: “Advanced” > “Settings” and toggling the Enable Application Connections option.
This should stop all connections being enabled for new applications, however you will then need to use the
PATCH /api/v2/connections/{id}
endpoint in the Management API to add the application to the appropriate connection
Hope this helps
Thanks!
That was exactly what we were looking for
Thanks @andyck for helping on this one!
I believe this feature should be better document,
It could be a major security issue by default.
Will report that to our docs team!
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.