Update Webtask Extension Settings/Secrets

Problem statement

In some cases, especially if it’s a custom extension, we cannot update the settings by clicking three dots > settings. To update settings, we usually need to uninstall the extension and reinstall and provide the necessary settings during the installation step.

How to update this without reinstalling?

Solution

In this example, you will be updating the Custom SSO Extension. Here are the steps:

  • Capture a GET request for this webtask extension by going to Dashboard > Extensions > Installed Extensions:
    https://manage.auth0.com/#/extensions/installed

  • On this page, open the Developers Tools > Network and filter the requests by Fetch/XHR.

  • Click three dots (…) right to the extension name and select Settings. In the network tools, you should see the following request. Right-click on it and choose Copy > Copy as cURL.



  • Paste the cURL into a VSCode or a notepad. Then also copy the response from here:

  • Paste the response into VSCode or notepad. Now we need to remove a few keys from this response JSON. Please remove the following key/value pairs:

    • container
    • name
    • token
    • webtask_url
  • You will also need to add a new “url” key/value pair which we will get by clicking Save in the popup by looking at the PUT request. In our example, it is:
    "url": "[https://cdn.auth0.com/extensions/sso-dashboard/sso-dashboard-2.4.js"](https://cdn.auth0.com/extensions/sso-dashboard/sso-dashboard-2.4.js)"

The final edited response should look like this:

{"meta":{"auth0-extension-version":"2.4.1","auth0-extension":"gallery","auth0-extension-name":"sso-dashboard"},"secrets":{"EXTENSION_SECRET":"123","EXTENSION_CLIENT_ID":"123","TITLE":"Your title","CUSTOM_CSS":"","AUTH0_CUSTOM_DOMAIN":"Your custom domain","PUBLIC_URL":"Your ublic url","FAVICON_URL":"","USER_GROUPS":"the comma-separated list of groups here","AUTH0_CLIENT_ID":"123","AUTH0_CLIENT_SECRET":"123","AUTH0_SCOPES":"read:clients delete:clients read:connections read:resource_servers create:resource_servers read:client_grants create:client_grants delete:client_grants","AUTH0_DOMAIN":"Your Domain","AUTH0_RTA":"https://auth0.auth0.com","AUTH0_MANAGE_URL":"https://manage.auth0.com","WT_URL":"https://us.webtask.run/api/run/domain/extensionname","PUBLIC_WT_URL":"https://your_domain.us.webtask.run/sso-dashboard","ISOLATED_DOMAIN":true}, "url":"https://raw.githubusercontent.com/danielbaker/auth0-sso-dashboard-extension/master/build/bundle.js"}
  • Update the “USER_GROUPS” with additional groups.

  • Now the payload ready and you can convert this to a PUT call. Please add these two lines to cURL call we got previously:

-X 'PUT' \
-H 'content-type: application/json' \
  • Add the payload between -H x-csrftoken: and --compressed.

The final cURL PUT request should look like this:

curl 'https://manage.auth0.com/api/webtask/your-tenant/extension-name'; \
  -X 'PUT' \
  -H 'content-type: application/json' \
  -H 'authority: manage.auth0.com' \
  -H 'accept: application/json' \
  -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
  -H 'authorization: Bearer undefined' \
  -H 'cache-control: no-cache' \
  -H 'cookie: !cookie value here!' \
  -H 'pragma: no-cache' \
  -H 'referer: https://manage.auth0.com/dashboard/us/your-tenant/extensions/installed'; \
  -H 'sec-ch-ua: "useragent value here' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "your platform here"' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: same-origin' \
  -H 'user-agent: useragent here' \
  -H 'x-csrftoken: token here' \
  --data-raw '{"meta":{"auth0-extension-version":"2.4.1","auth0-extension":"gallery","auth0-extension-name":"sso-dashboard"},"secrets":{"EXTENSION_SECRET":"123","EXTENSION_CLIENT_ID":"123","TITLE":"Your title","CUSTOM_CSS":"","AUTH0_CUSTOM_DOMAIN":"Your custom domain","PUBLIC_URL":"Your ublic url","FAVICON_URL":"","USER_GROUPS":"group1,group2,group3","AUTH0_CLIENT_ID":"123","AUTH0_CLIENT_SECRET":"123","AUTH0_SCOPES":"read:clients delete:clients read:connections read:resource_servers create:resource_servers read:client_grants create:client_grants delete:client_grants","AUTH0_DOMAIN":"Your Domain","AUTH0_RTA":"https://auth0.auth0.com","AUTH0_MANAGE_URL":"https://manage.auth0.com","WT_URL":"https://us.webtask.run/api/run/domain/extensionname","PUBLIC_WT_URL":"https://your_domain.us.webtask.run/sso-dashboard","ISOLATED_DOMAIN":true}, "url":"https://raw.githubusercontent.com/danielbaker/auth0-sso-dashboard-extension/master/build/bundle.js"}' \
  --compressed

Now copy and paste the cURL command to terminal and execute. Groups should be updated.