Auth0 Terraform Provider 1.0.0-beta.2 Missing Client Secret

Problem statement

When creating an action and managing it with the new 1.0.0-beta2 Terraform Provider, the m2m-client client_secret does not appear to be exposed anymore. The client_secret was available in the versions prior to 1.0.0-beta2.

The configuration below results in a Error: Unsupported attribute error when running terraform validate.

resource "auth0_action" "my_action" {
name = "My Action"
code = file("../source/actions/MyAction.js")
runtime = "node18"
deploy = true
supported_triggers {
id = "post-login"
version = "v3"
}
depends_on = [ auth0_connection.username_password
]
dependencies {
name = "auth0"
version = "3.7.0"
}
secrets {
name = "ACTIONS_CLIENT_ID"
value = auth0_client.actions.client_id
}
secrets {
name = "ACTIONS_CLIENT_SECRET"
value = auth0_client.actions.client_secret
}
}

Cause

Several breaking changes have been introduced with v1.0, and this change is by design and is outlined in the migration guide for migrating from Upgrading from v0.x → v1.0.

The changes regarding reading client secrets can be found here.

Solution

To read the Client Secret in version 1.0.0-beta.2, modify the code to the following:

BEFORE:

resource "auth0_client" "my_client" {
  #...
}

output "my_client_secret" {
  value = auth0_client.my_client.client_secret
}

AFTER:

data "auth0_client" "my_client" {
  client_id = auth0_client.my_client.id
}

output "my_client_secret" {
  value = data.auth0_client.my_client.client_secret
}
1 Like