Would be nice if Management API supported managing tenant members (e.g. administrators) like the Settings → Tenant Members in the dashboard allows.
We have one tenant per environment (we have five environments) and have started to use alexkappa’s excellent Auth0 Terraform provider to automate our tenant setup. Everything else in our Auth0 setup is now automated through that, but a final missing piece would be the ability to automate inviting tenant members.
Having five tenants and ten developers, inviting all developers to all tenants is pretty tiresome, as invites must be done one-by-one, requiring multiple clicks in the dashboard to invite just one person. Also when a developer leaves the team, we currently need to manually go through all the tenants and remove the developer from those.
Having a set of APIs for managing tenant members would allow automating this aspect. The following APIs would be needed to support full life-cycle automation of tenant members via automation tools such as Terraform:
- GET endpoint for listing current tenant members
- GET endpoint for listing pending invitations
These endpoints should return at least the email address and the role for each member. Optionally it should include a flag telling if MFA is enabled (this could be used to automate bugging people to turn it on).
For the invitations, the response should include whether the invitation is pending or expired. This information is needed so tools would know whether to resend the invitation or not.
Managing tenant members:
- POST endpoint for inviting new tenant members with email and role
- POST/PUT/PATCH endpoint for changing member’s role
- DELETE endpoint for removing member from tenant