Orchestrator reference
Configuration reference
Connectors
Auth0

Auth0

The Auth0 Connector provides a way for Maverics to interact with an Auth0 organization. The Connector uses the Auth0 User API to create users or query for attributes and OpenID Connect to authenticate users and perform session validation.

Configuration options

The following values can be provided to the Auth0 Connector via the Maverics configuration file.

OAuth Client ID

oauthClientID is the client ID of the Maverics application registered in the Auth0 organization.

OAuth Client Secret

oauthClientSecret is the client secret of the Maverics application registered in the Auth0 organization.

OAuth Redirect URL

oauthRedirectURL is the URL that Auth0 will use to redirect the client back to after authentication. The Maverics OIDC handler will be served on this URL.

Note: the oauthRedirectURL’s path should not conflict with the path of any application resources. The oauthRedirectURL path can be arbitrary, for example /maverics-oidc or /oidc-handler.

OIDC Well-known URL

oidcWellKnownURL is the URL that returns OpenID Connect metadata about the Auth0 authorization server.

Logout URL

logoutURL is Auth0’s application logout URL that will initiate logout in Auth0. This will invalidate the SSO cookie in Auth0 but the cookie will still remain in the browser.

Logout Callback URL

logoutCallbackURL is the endpoint on the Orchestrator that Auth0 will redirect to after the logout flow is completed. Note, this URL must also be specified in the ‘Allowed Logout URLs’ section of your Auth0 application settings page.

Disable PKCE

disablePKCE disables the Proof Key for Code Exchange (PKCE) extension (enabled by default).

Error Page

errorPage is the page presented to the user if an error occurs.

Domain

domain is the tenant’s Auth0 domain in full URL format. For example, https://yourtenant.us.auth0.com. This field is only required when interacting with Auth0 API to query user attributes.

Health Check

healthCheck defines an optional health check for the connector. This option is required when using the connector in an IDP-continuity scenario. For more info on how to define the health check, please see the docs.

Examples

OIDC Configuration 

connectors:
  - name: auth0-example
    type: auth0
    oidcWellKnownURL: https://yourtenant.us.auth0.com/.well-known/openid-configuration
    oauthRedirectURL: https://example.com/oidc-handler
    oauthClientID: <auth0-client-id>
    oauthClientSecret: <auth0-client-secret>
    logoutURL: https://yourtenant.us.auth0.com/v2/logout
    logoutCallbackURL: https://example.com/logout
Amazon CognitoConnector Health Checks