Auth0 Data Integration

04/2023

Overview

The Oort identity security platform reads a variety of user account data and event data to build a full picture of the identity security posture of your Auth0 tenant.

Goal

The goal of this document is to serve as a guide to set up Oort with a data integration to your Auth0 tenant.

Note - Once this initial integration has been configured, Auth0 Log Streaming via the Oort app on the Auth0 Marketplace can be configured for near-real-time analysis of events and identity-based threats.

For more information, please see the Auth0 Log Streaming & Marketplace App article.

Auth0 Data Integration

Auth0 data integration is configured using a read-only API token.

Permission requirements

To add the necessary configuration in Auth0, you need the Admin role.

Auth0 Configuration Steps

  1. Create a Machine to Machine Application in Auth0 for use with Oort using the steps in the Auth0 documentation.

  2. Select the Auth0 Management API as the API (this exists by default).

  3. Add the following permission scopes:

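    | Scope                 | Description                         | Purpose                                              |
    |-----------------------|-------------------------------------|------------------------------------------------------|
    | read:users            | Read Users                          | Get a list of Users                                  |
    | read:logs             | Read Logs                           | Read Auth0 Event logs                                |
    | read:user_logs        | Read logs relating to users         | Read Auth0 User logs                                 |
    | read:guardian_factors | Read Guardian factors configuration | Get a list of Users and Authenticator configurations |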

  4. From the Application Settings tab, collect the Domain, Client ID, and Client Secret.
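
Before handing the credentials to Oort, it is worth confirming that the application really is limited to the four read-only scopes listed above. The following is an added example, not part of the original guide or of Oort's or Auth0's code: it inspects an access token issued to the Machine to Machine application and reports missing or excess scopes. It assumes the token is a JWT whose scope claim is a space-separated string; the sample tokens, the tenant.example domain and all function names are constructed for illustration.

```python
import base64
import json

# Scopes this page lists for the Oort integration.
REQUIRED_SCOPES = {"read:users", "read:logs", "read:user_logs", "read:guardian_factors"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_scopes(access_token: str) -> set:
    """Return the scopes in a JWT payload. The signature is NOT verified:
    this is a local inspection of a token you requested yourself."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected three dot-separated segments)")
    claims = json.loads(_b64url_decode(parts[1]))
    scope = claims.get("scope", "")
    # Assumption: scope is a space-separated string; tolerate a list as well.
    return set(scope.split()) if isinstance(scope, str) else set(scope)


def audit_scopes(access_token: str) -> dict:
    """Compare the granted scopes with the four this page requires."""
    granted = token_scopes(access_token)
    missing = sorted(REQUIRED_SCOPES - granted)
    excess = sorted(granted - REQUIRED_SCOPES)
    # Any scope outside read:* breaks the read-only intent of the integration.
    non_read = sorted(s for s in granted if not s.startswith("read:"))
    return {"missing": missing, "excess": excess, "non_read": non_read,
            "ok": not missing and not excess}


def make_sample_token(scope: str) -> str:
    """Build a constructed token (placeholder signature) for offline use."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    payload = {"iss": "https://tenant.example/", "aud": "https://tenant.example/api/v2/",
               "scope": scope}
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(payload)}.c2lnbmF0dXJl"


if __name__ == "__main__":
    good = make_sample_token("read:users read:logs read:user_logs read:guardian_factors")
    wide = make_sample_token("read:users read:logs update:users")
    print(audit_scopes(good))
    print(audit_scopes(wide))
```

A result with a non-empty excess or non_read list means the application has more access than this integration needs, and the extra scopes should be removed in Auth0 before the Client Secret is shared.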

Oort Console Configuration

The rest of the configuration is completed in the Oort console.

  1. Log in to your Oort tenant.

  2. From the Integrations tab, click Add Integration and select Auth0.

  3. Enter a display name, the Auth0 Domain URL, the Client ID and Client Secret from your Machine to Machine app created above.

  4. Click Save.

  5. On the Integrations screen, click the three-dot menu and select Test Connectivity.

  6. Once successfully verified, click the same menu again and click Collect Now to begin initial data collection.

NOTE - Due to Auth0 API rate limiting, the initial data collection, including historical log data, may take up to 24 hrs. Your Oort technical contact will assist with any questions in this process.
