Back in March 2022 a fellow Auth0 customer asked about configuration of bot protection via Terraform.
In September of 2022 an issue was created within the auth0-deploy-cli repository where the same missing feature was requested.
In August 2024 — two years later — another community member referenced a now inaccesible post where a estimated delivery date of between July and September of 2024 was shared.
In February this year, Kushal — who I can’t link to because your forum software thinks the letters s-h-i-t in Kushal’s GitHub username (https://github.com/kushalsh[i]t27) will negatively impact the vibe of this forum — shared this updated estimate via GitHub:
We are actively working on supporting this feature by Q2 (May-July) of FY26.
Others have asked about this missing feature and been instructed to request a feature before having the discussion closed. Naturally, I find myself wondering why are the GitHub discussion, GitHub issue, and repeated posts on these forums not considered feature requests. A less forgiving observer might interpret this as unnecessarily bureaucratic and hostile towards customers (forum validation rules clearly aren’t helping our case here).
Management of Auth0 tenants without Infrastructure as Code is a non-starter for some organizations, and bot protection is more important than ever. With a production tenant and at least one pre-production tenant, avoiding configuration drift is critical to deploying a secure and auditable adaptable authentication and authorization platform.
Can we get a definitive answer on whether we can expect to see this bot protection feature within the management API before the end of July 2026?
If it’s going to take longer, I’d really appreciate a heads up so I can pick up a fifth candle for the cake.