Auth0 Community

Log Streams -> Googleapis (Chronicle)

renato.coneglian February 22, 2024, 4:59pm 1

Hi, we are trying to post Auth0 Logs using a Custom Webhook Stream to a Google Chronicle.

In the URL, we are using:
https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs

In authorization token we tried several ways:

X-goog-api-key=XXXXXXX
“X-goog-api-key” : “XXXXXXX”
{“X-goog-api-key” : “XXXXXXX”}

When using this in a python script, it works returning a 200 status:

session.post(https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs, data=“DINKDOINK1”, headers={“X-goog-api-key”:“XXXXXXXXX”})

But when using it in Auth0, we receive:

“error”: {
“code”: “403”,
“message”: “Forbidden”,
“details”: “{\n "error": {\n "code": 403,\n "message": "Method doesn’t allow unregistered callers (callers w”
}

What should we do?

marcelina.barycka February 23, 2024, 1:32pm 2

Hi @renato.coneglian , thanks for posting!

I will try to help.

Where do you use this code snippet to call google’s APIs in Auth0? In Actions?

Did you receive this error on the google side?

I think you have to ship the google’s project identifier when calling Google APIs.
So to connect the client (your script used to call Google’s APIs) with some quota/billing related identifier.

Something like GOOGLE_CLOUD_QUOTA_PROJECT =<your project ID>

Please let us now your thoughts!

renato.coneglian February 23, 2024, 2:01pm 3

Hi Marcelina! Thanks for the answer.

We are trying to send the logs to Chronicle, so we are configuring a Custom Webhook inside Monitoring → Streams.

This erros are appearing inside the Stream Health tab with a Forbidden status.

renato.coneglian February 27, 2024, 1:00pm 4

Solved by Auth0 Support:

Hello Renato,

Thanks for contacting Auth0 Support, my name is Federico Coppede, glad to assist,

It’s not possible to set custom headers with log streams, if you add your api-key to the authorization token input, it will be sent in the Authorization header.

You could add that key as a query string to your URL as explained here:

https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs?key=API_KEY

Let me know how that goes,

Thank you!

–
Federico Coppede
Lead, Developer Support Engineer - LatAm, https://auth0.com

1 Like

marcelina.barycka February 27, 2024, 1:44pm 5

Thanks so much for sharing!

system Closed March 12, 2024, 1:45pm 6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views	Activity
Feature request: Add Google Cloud PubSub support for Log Streams Feedback google , gcp	18	4663	September 12, 2024
Feature request - need custom headers for Custom Log Streams using Webhooks Feedback auth0 , webhooks , log	1	921	August 10, 2023
403 Forbidden Error for Custom webhook Log Stream Knowledge Articles webhooks , 403-forbidden-errors	1	218	July 2, 2024
Segment Streaming Integration Help extensions , auth0-logs-to-segment	4	28	September 19, 2024
Two custom webhook streams got 403 forbidden Help connections , custom-database-connections	2	385	April 12, 2024