We have a solution where we want our users to be able to generate their own API credentials to communicate with different APIs.
I was thinking about creating a portal where users would be able to generate these credentials, but I’m struggeling to see how I can create a connection between the users and the M2M applications. Currently in my PoC, I have an application that is running on the backend which are allowed to create new M2M applications, and I create this on behalf of the users.
Are there any other aproaches to this? I really would like if Auth0 would let me handle API keys / credentials instead of implementing something on the side.. Anyone who has done something smiliar?
I also need to retrieve the applications for the specific user so I can show a list of the applications the user has created with the possibility to reset the client secret.
Thank you for posting your question. Unfortunately, Auth0 doesn’t offer an out-of-the-box solution for managing API keys (similar to what Github offers), so if that’s what you are looking for, I would encourage you to open a new thread in the Product Feedback category explaining your use case. If the thread becomes popular among other community members, our product team will evaluate the idea.
To address your current implementation with POC, the first limitation that you can hit is the number of applications per your subscription tier (Free ≤ 10, Paid ≤ 100 → https://auth0.com/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy), the 2nd thing is mapping between the user and the application, and probably the best place for that would be a small external database table.
Just to set expectations—while feature requests are reviewed periodically, there’s no guaranteed timeline for when (or if) something like this would be implemented in production, as it depends on factors like demand, security implications, and broader roadmap priorities.