Day 21: The "Forbidden" Scope

Challenge Task: AI Agents are powerful, but they shouldn’t do everything. If you gave an AI Agent an Access Token to manage your Auth0 Tenant, what is one specific permission (scope) you would NEVER give it?

Submission Requirement: The Permission (e.g., delete:users) + Why it’s too dangerous for a bot.

1 Like

I’d never grant an agent delete:roles. While all delete:* scopes are dangerous, deleting roles causes immediate, widespread system failure. Because roles are often tied to fine-grained access control, removing them would instantly de-authorize every user, rendering your applications and APIs completely inaccessible.

1 Like

update:clients (The “Backdoor Creator”)
The Risk: Applications (clients) define how users log in. If an agent can update clients, it can change a secure application’s configuration to allow unauthorized redirect URLs or weaken security settings, effectively creating a persistent backdoor into your infrastructure.

Alternative: Use read:clients if the agent needs to audit settings, but never allow it to modify application logic.

1 Like

Per the scopes, I will not allow a bot to have read or delete on users or tenants, as it can take the whole system down and take many hours to recover.

1 Like
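The three answers above share one enforceable rule: an agent's token should never carry a delete:* scope or update:clients, and where the agent only needs to audit, the read:* counterpart is the right replacement. The following is an added example (not code from this thread or from Auth0) that turns that rule into a check you could run on an agent's Management API token before wiring it up. The forbidden-pattern list comes from the answers; the read-only replacement mapping is an assumption for the example, and the sample token is constructed and unsigned. The check reads the scope claim without verifying the signature, so it belongs after signature verification, not instead of it.

```python
"""Least-privilege audit of Management API scopes granted to an AI agent.

Policy (from the thread): no delete:* scope and no update:clients for a bot.
This is an illustrative example, not Auth0 code.
"""
import base64
import json
from fnmatch import fnmatch

# Shell-style patterns that an autonomous agent must never hold.
FORBIDDEN_AGENT_SCOPES = ("delete:*", "update:clients")

# Read-only counterpart to propose instead of a forbidden write scope.
# Assumed mapping for this example; the scope names are Auth0 Management API scopes.
READ_ONLY_ALTERNATIVE = {
    "update:clients": "read:clients",
    "delete:users": "read:users",
    "delete:roles": "read:roles",
}


def is_forbidden(scope: str, patterns=FORBIDDEN_AGENT_SCOPES) -> bool:
    """True if the scope matches any forbidden pattern (e.g. delete:users ~ delete:*)."""
    return any(fnmatch(scope, pattern) for pattern in patterns)


def audit_scopes(scopes):
    """Split granted scopes into allowed / violations and suggest read-only swaps."""
    allowed, violations, suggested = [], [], {}
    for scope in scopes:
        if is_forbidden(scope):
            violations.append(scope)
            if scope in READ_ONLY_ALTERNATIVE:
                suggested[scope] = READ_ONLY_ALTERNATIVE[scope]
        else:
            allowed.append(scope)
    return {"allowed": allowed, "violations": violations, "suggested": suggested}


def scopes_from_token(token: str):
    """Return the space-separated `scope` claim of a JWT.

    Signature is NOT verified here: run this only on a token whose signature
    and issuer have already been checked by your JWT library.
    """
    payload_b64 = token.split(".")[1]
    payload_b64 += "=" * (-len(payload_b64) % 4)  # restore stripped padding
    payload = json.loads(base64.urlsafe_b64decode(payload_b64))
    return payload.get("scope", "").split()


def _make_unsigned_token(claims: dict) -> str:
    """Constructed sample only: a JWT-shaped string with an empty signature."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")
    return f"{b64({'alg': 'none', 'typ': 'JWT'})}.{b64(claims)}."


# Constructed agent token: two of its scopes violate the policy.
SAMPLE_TOKEN = _make_unsigned_token({
    "iss": "https://example-tenant.auth0.com/",  # placeholder tenant
    "sub": "agent-client-id@clients",            # placeholder client id
    "scope": "read:users read:clients update:clients delete:roles read:tenant_settings",
})

if __name__ == "__main__":
    report = audit_scopes(scopes_from_token(SAMPLE_TOKEN))
    print(json.dumps(report, indent=2))
    if report["violations"]:
        raise SystemExit(f"refusing agent token, forbidden scopes: {report['violations']}")
```

Run as a pre-flight step wherever the agent's M2M application is provisioned: a non-empty `violations` list means the application's granted scopes need to be cut back to the suggested read:* scopes before the token is ever handed to the agent.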

This topic was automatically closed after 24 hours. New replies are no longer allowed.