Application Connections

danielr · May 5, 2020, 3:01pm

When creating an application, all connections seems to be active.
when In the connection settings I didn’t activate any applications.

can someone elaborate on whats going on there?

andyck · May 5, 2020, 3:47pm

Hey @danielr

It’s default behaviour:

" By default, Auth0 enables all connections associated with your tenant when you create a new application. To change this, update application connections in the Application Settings in the Dashboard."

Hope this helps

danielr · May 5, 2020, 3:54pm

Thanks for your reply,

Can we disable this default behaviour?
I’ts a security issue allowing unwanted connection to pass to an app.
how can we disable it? whats the best practice here?

andyck · May 7, 2020, 10:32am

Hey @danielr,

You should be able to turn off this behaviour in your tenant settings: “Advanced” > “Settings” and toggling the Enable Application Connections option.

This should stop all connections being enabled for new applications, however you will then need to use the

PATCH /api/v2/connections/{id}

endpoint in the Management API to add the application to the appropriate connection

Hope this helps

danielr · May 7, 2020, 10:44am

Thanks!
That was exactly what we were looking for

konrad.sopala · May 7, 2020, 11:49am

Thanks @andyck for helping on this one!

danielr · May 7, 2020, 12:13pm

I believe this feature should be better document,
It could be a major security issue by default.

konrad.sopala · May 7, 2020, 12:14pm

Will report that to our docs team!

system · May 22, 2020, 12:14pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.