Auth0 Integration with vault to keep client secret

vijisamm · December 13, 2018, 10:45am

Hi Team,

I would like to know is there any way I could integrate Auth0 with ‘Hashicorp Vault’, (managing secrets) , so that we could trigger any change in client secret directly to vault key store path, as we are planning for a client secret rotation in Auth0. Our application is reading the client secret from vault to connect to Auth0 programatically. So when there is any change in client secret, Auth0 should trigger the action of calling Hashicorp vault and store the secret in vault, so that application could read the latest client secret from vault to get it connected with Auth0. ( As of now, we are doing all these actions manually – copying client secret from Auth0 > manually adding it in vault)

Looking for a way that I could automate it. Any suggestions will help. Thank you.

Kind Regards,
Viji Sam

nicolas_sabena · December 16, 2018, 1:05pm

Hi Viji.

You can leverage the Management API v2’s Rotate a client secret endpoint, which will generate a new client secret for the provided client id, and return the new client definition (including the newly generated client secret). You would then read the returned client_secret and add it to your vault.

system · August 28, 2019, 2:46pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Retrieving Auth0 credentials from Azure Key Vault in Next.js 14 Help login-experience , new-universal-login-experience	0	20	October 20, 2024
Authenticate only once to multiple clients Help auth0 , spa , login , multiple-clients	1	3219	August 20, 2020
Basic Question on Client Secret Help client-secret	5	3015	December 2, 2021
Is it possible to have multiple app secrets? Help	3	7077	August 15, 2019
What deploy changes cause the Client ID and Secret to change? Help auth0-deploy-cli	2	2362	June 4, 2022

Auth0 Integration with vault to keep client secret

Related Topics