While this is not a blocker, I’d like to know if there is workaround by using the update connection endpoint, to see if we can manually set the configuration key values with expected encryption, such as bcrypt.
The only post that talks about document this in more depth is an issue for the auth0 deployment cli tool:
I was unable to find any documentation regarding configuration variables and best practices to deploy them through the management api.
Any leads or help to set this configuration values via Management API will be greatly appreciated.
Hey, thanks for the swift response Reuben!
I have a couple of follow up questions.
Do the values follow a certain encryption/hashing strategy?
Is this something that we could replicate “manually” when updating the values for the configuration key-value pairs? or is this something that can only be achieved by setting the values manually through the dashboard? Or is it sufficient to pass the configuration values without any kind of encryption.
The intention is to track these values in order to reliably regenerate the database in case we need to support other tenants.
Auth0 uses bcrypt for the encryption/hashing strategy.
After testing this further myself, there is no need to encrypt the value before updating the connection. I have corrected my previous example as well.
You can pass the Key, Value pair as plain-text to the endpoint, and Auth0 will automatically encrypt these values using bcrypt. After making these changes, I verified that the values are encrypted by calling the Get a connection endpoint.