How to install an extension (e.g. CloudWatch) from the Auth0 Management API

I am interested in installing an extension programmatically thru curl or postman thru one of the Auth0 Rest APIs.

After installing an extension thru the web interface, I see there is a client created in the Management API.

		"tenant": "mytenant",
    "global": false,
    "is_token_endpoint_ip_header_trusted": false,
    "name": "logs-to-cloudwatch",
    "is_first_party": true,
    "oidc_conformant": true,
    "sso_disabled": false,
    "cross_origin_auth": false,
    "refresh_token": {
      "rotation_type": "non-rotating",
      "expiration_type": "non-expiring"
    "client_id": "XXXXXXX",
    "callback_url_template": false,
    "client_secret": "XXXXXXX",
    "jwt_configuration": {
      "alg": "RS256",
      "lifetime_in_seconds": 36000,
      "secret_encoded": false
    "grant_types": [
    "custom_login_page_on": true

I know I need to provided some of this information:

But I can’t find where it is supposed to go (like which rest route) and any documentation on it. Any ideas?

Most of my google searches put me under the rabbit hole of the Authorization API, and it doesn’t look like it is what I want.

There are docs on AddOns, especially in the .net library for Auth0, but that doesn’t look like what I want.

Thank you for the help.

Hi @peteristhegreat thanks for reaching out about this.

I don’t believe it’s possible at this time to programmatically create/install extensions on your tenant via the Management API. After looking at the network traces when creating a Cloudwatch extension with the Dashboard UI, it looks like it hits endpoints that aren’t publicly available.

I’d recommend submitting a feature request detailing your use-case so our product managers can determine whether that functionality should be worked on in coming quarters.

Have a great rest of your week!

Best Regards,

1 Like