
Auth0 Integration with vault to keep client secret

#1

Hi Team,

I would like to know whether there is any way I could integrate Auth0 with ‘Hashicorp Vault’ (managing secrets), so that we could trigger any change in client secret directly to the vault key store path, as we are planning for a client secret rotation in Auth0. Our application is reading the client secret from vault to connect to Auth0 programmatically. So when there is any change in client secret, Auth0 should trigger the action of calling Hashicorp vault and store the secret in vault, so that the application could read the latest client secret from vault to get it connected with Auth0. (As of now, we are doing all these actions manually – copying client secret from Auth0 > manually adding it in vault.)

Looking for a way that I could automate it. Any suggestions will help. Thank you.

Kind Regards,
Viji Sam

1 Like
#2

Hi Viji.

You can leverage the Management API v2’s Rotate a client secret endpoint, which will generate a new client secret for the provided client id, and return the new client definition (including the newly generated client secret). You would then read the returned client_secret and add it to your vault.
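The flow described in #2, as an added example that is not part of either post and not Auth0's or HashiCorp's own code: it calls the rotate-secret endpoint, writes the returned `client_secret` to Vault, and reads it back. It assumes a Vault KV version 2 secrets engine, a Management API token and a Vault token obtained beforehand, and hypothetical config keys and environment variable names.

```python
import json, os, time, urllib.request
from urllib.parse import quote

def http_json(method, url, headers, body=None):
    """JSON-over-HTTPS call using only the standard library."""
    data = None if method == "GET" else (json.dumps(body).encode() if body else b"")
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={**headers, "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.loads(resp.read() or b"{}")

def rotate_and_store(cfg, send=http_json, attempts=3, delay=2.0):
    """Rotate the Auth0 client secret, write it to Vault KV v2, return the KV version."""
    rotate_url = (f"https://{cfg['auth0_domain']}/api/v2/clients/"
                  f"{quote(cfg['client_id'], safe='')}/rotate-secret")
    # The Management API token needs the update:client_keys scope.
    client = send("POST", rotate_url, {"Authorization": f"Bearer {cfg['mgmt_token']}"})
    secret = client.get("client_secret")
    if not secret:
        raise RuntimeError("rotate-secret response carried no client_secret")

    # From here the new secret lives only in this process, so retry the Vault
    # write instead of exiting on the first error. Never log `secret`.
    kv_url = f"{cfg['vault_addr']}/v1/{cfg['kv_mount']}/data/{cfg['kv_path']}"
    vault_headers = {"X-Vault-Token": cfg["vault_token"]}
    payload = {"data": {"client_id": cfg["client_id"], "client_secret": secret}}
    for attempt in range(1, attempts + 1):
        try:
            send("POST", kv_url, vault_headers, payload)
            break
        except OSError:  # urllib's URLError and HTTPError are OSError subclasses
            if attempt == attempts:
                raise RuntimeError("Vault write failed after rotation; rotate again once Vault is reachable")
            time.sleep(delay)

    # Read back so a clean exit means the application will see the new value.
    stored = send("GET", kv_url, vault_headers)["data"]
    if stored["data"].get("client_secret") != secret:
        raise RuntimeError("Vault read-back does not match the rotated secret")
    return stored["metadata"]["version"]

if __name__ == "__main__":
    # Environment variable names are assumptions made for this example.
    keys = ("auth0_domain", "client_id", "mgmt_token", "vault_addr",
            "vault_token", "kv_mount", "kv_path")
    cfg = {k: os.environ[k.upper()] for k in keys}
    print("stored as KV version", rotate_and_store(cfg))
```

Run it from a scheduler that holds both tokens with the narrowest permissions that work: `update:client_keys` on the Auth0 side and write/read on the single KV path on the Vault side.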