Slack strategy for auth0_connection is undocumented in the terraform registry

Hi,

I’m trying to get our auth0_connection for slack terraform working and looking at the following github repository that auth0 owns: auth0/terraform-provider-auth0 (the Auth0 Terraform Provider, the official plugin for managing Auth0 tenant configuration through the Terraform tool). It says that any help/questions should be directed here.

Now most other providers seem to be fairly well documented, but not the slack one. I’m not sure if there is any “slack” strategy (or slack2? since there is one outdated and a new one?) that I could use or not, and if so how to configure it.

Any help on this topic would be greatly appreciated.

Thanks,

Simon

Hi @simon26

The strategy used for a Slack social connection should be oauth2. This strategy name is provided whenever you try to create a Slack social connection within the Auth0 Dashboard. You should be able to configure this connection using Terraform using the configuration below:

resource "auth0_connection" "slack-oauth-2" {
  name     = "Slack-OAuth2-Connection"
  strategy = "oauth2"

  options {
    client_id                = "<client-id>"
    client_secret            = "<client-secret>"
    allowed_audiences        = ["example.com", "api.example.com"]
    scopes                   = ["identity.basic", "identity.email", "identity.avatar", "identity.team"]
    set_user_root_attributes = "on_each_login"
  }
}

If the above does not work, please try the following and let me know if it does the trick:

resource "auth0_connection" "slack" {
  name     = "slack"
  strategy = "slack"

  options {
    client_id                = "<client-id>"
    client_secret            = "<client-secret>"
    allowed_audiences        = ["example.com", "api.example.com"]
    scopes                   = ["identity.basic", "identity.email", "identity.avatar", "identity.team"]
    set_user_root_attributes = "on_each_login"
  }
}

If you have any other questions or issues, let me know!

Kind Regards,
Nik

Hi Nik,

Thank you for the help.

The “slack” strategy does not work; it is illegal as there does not exist any such available strategy in the terraform library.

The oauth2 solution requires a custom script in order to extract the information you want from the request.

We didn’t want to use slack’s old scopes (identity.*) but rather the recommended openid-method. However, that turned out to be an enterprise-connection in the auth0 UI and was difficult to get running, so instead we rolled with our own connection solution rather than go through auth0.

Thanks,

Simon

Got it. Thanks for the update.

Regarding your Auth0 tenants, are they under an Enterprise subscription? If not, I understand why you would have difficulties in creating an OIDC Enterprise connection since it is only available for that specific subscription tier.

As you have stated, in the situation that you are in, if the default social login for Slack is outdated and you wish to follow the recommended approach, creating a custom connection would be the only solution.

If I can help with anything else, let me know!

Kind Regards,
Nik
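
The custom oauth2 connection discussed in this thread, with the profile-extraction script it requires, sketched as an added example that is not from either poster or from the provider's documentation. The variable names, the connection name, the Slack OpenID Connect endpoint URLs, the scopes and the profile field names are assumptions to verify against Slack's and Auth0's current documentation. The client secret is passed in as a sensitive variable instead of being written into the configuration.

```hcl
# Added example, not from the thread. Endpoint URLs, scopes and profile
# field names are assumptions; verify them against Slack's OpenID Connect docs.
variable "slack_client_id" {
  type = string
}

variable "slack_client_secret" {
  type      = string
  sensitive = true # redacted in plan output; still stored in the state file
}

resource "auth0_connection" "slack_oidc" {
  name     = "slack-openid"
  strategy = "oauth2"

  options {
    client_id              = var.slack_client_id
    client_secret          = var.slack_client_secret
    authorization_endpoint = "https://slack.com/openid/connect/authorize"
    token_endpoint         = "https://slack.com/api/openid.connect.token"
    scopes                 = ["openid", "profile", "email"]

    scripts = {
      fetchUserProfile = <<-EOT
        function fetchUserProfile(accessToken, ctx, cb) {
          request.get(
            "https://slack.com/api/openid.connect.userInfo",
            { headers: { Authorization: "Bearer " + accessToken }, json: true },
            function (err, resp, body) {
              if (err) return cb(err);
              // Slack can answer HTTP 200 with ok=false, so check both.
              if (resp.statusCode !== 200 || !body || body.ok !== true) {
                return cb(new Error("Slack userInfo request failed"));
              }
              if (!body.sub) return cb(new Error("Slack profile has no sub"));
              cb(null, {
                user_id: body.sub,
                email: body.email,
                email_verified: body.email_verified === true,
                name: body.name,
                picture: body.picture
              });
            }
          );
        }
      EOT
    }
  }
}
```

Because the secret still lands in Terraform state, the state backend needs the same access controls as the secret itself.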
