Auth0 Integration
Integrating with Auth0 can give Rezonate visibility into identities, roles, and posture control detection.
Last updated
Integrating with Auth0 can give Rezonate visibility into identities, roles, and posture control detection.
Last updated
The new Auth0 integration in Rezonate enhances visibility into identity and access structures, bringing in-depth insights into user configurations, roles, and permissions to bolster security management. By integrating data on configured applications, associated APIs, tenant settings, and user authentication controls, this solution allows for a comprehensive understanding of access points and organizational assignments. Integrating with Auth0 can give Rezonate visibility into identities, privileges, and tenant settings. These data points are then used to detect security gaps and to extend your identity-centric with auth0 identity information. The integration only reads data and has no writing capabilities.
As part of the integration, Rezonate is analyzing the following data points:
Users, configurations, and associated roles and permissions.
Roles & Definitions
Organizations and assignments (if applied)
Configured Applications & Associated APIs
Connections Informaiton
Tenant Settings & User Authentication Security Controls
Browse to the Auth0 management console, and Create a new Application
Select Machine to Machine
Select Auth0 Management API
Select the following permissions
Scope |
---|
read:users |
read:client_grants |
read:users_app_metadata |
read:clients |
read:connections |
read:resource_servers |
read:rules |
read:rules_configs |
read:hooks |
read:actions |
read:email_provider |
read:stats |
read:insights |
read:tenant_settings |
read:logs |
read:logs_users |
read:shields |
read:anomaly_blocks |
read:triggers |
read:guardian_enrollments |
read:custom_domains |
read:email_templates |
read:mfa_policies |
read:roles |
read:prompts |
read:branding |
read:entitlements |
read:organizations_summary |
read:authentication_methods |
read:organizations |
read:organization_members |
read:organization_connections |
read:organization_member_roles |
read:organization_invitations |
read:scim_config |
read:phone_providers |
read:sessions |
read:self_service_profiles |
read:forms |
read:flows |
Take Note of the Domain, Client ID, and Client Secret from the basic information.
In the integrations page, select Auth0 and fill in the recently noted Auth0 Domain, ClientID, and Client Secret.