{"id":15061316,"url":"https://github.com/ukayani/auth0-deploy","last_synced_at":"2025-06-19T22:38:14.461Z","repository":{"id":57187076,"uuid":"79667797","full_name":"ukayani/auth0-deploy","owner":"ukayani","description":"A tool for automated deployment of auth0 components","archived":false,"fork":false,"pushed_at":"2019-03-07T15:30:43.000Z","size":91,"stargazers_count":2,"open_issues_count":3,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-24T07:42:15.833Z","etag":null,"topics":["auth0","automation","cli","deployment","oauth"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ukayani.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-01-21T19:29:43.000Z","updated_at":"2024-02-05T23:40:40.000Z","dependencies_parsed_at":"2022-08-28T13:00:16.042Z","dependency_job_id":null,"html_url":"https://github.com/ukayani/auth0-deploy","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ukayani%2Fauth0-deploy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ukayani%2Fauth0-deploy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ukayani%2Fauth0-deploy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ukayani%2Fauth0-deploy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ukayani","download_url":"https://codeload.github.com/ukayani/auth0-deploy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248008617,"owners_count":21032554,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth0","automation","cli","deployment","oauth"],"created_at":"2024-09-24T23:18:13.543Z","updated_at":"2025-04-10T06:40:46.971Z","avatar_url":"https://github.com/ukayani.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Auth0 Deploy\n\nA module which allows easy convention-based deployment of Auth0 components\n\n**NOTE**: This tool is not actively maintained anymore. A similar tool which is under active development can be found at [Auth0 Deploy CLI](https://github.com/auth0/auth0-deploy-cli/)\n\n### Supported Components\n\nCurrently the module supports the following components:\n\n- Clients (with client grants) - Create/Update\n- Resource Servers (API) - Create/Update\n- Connections - Create/Update\n- Rules - Create/Update\n\n## Installation\n\n```javascript\nnpm install -g auth0-deploy\n```\n\n# Usage (CLI)\n\nTo create components in Auth0 you must create a folder for each\ncomponent, with the folder name corresponding to the component name.\n\nEach component is grouped under a component type folder.\n\nThe following is an example structure of components:\n\n```\ncomponents\n├── clients\n│   └── my-client\n│       ├── config.json\n│       └── grants.json\n│       └── login.html\n├── connections\n│   └── member-idp\n│       ├── config.json\n│       └── login.js\n├── rules\n│   └── member-rule\n│       ├── config.json\n│       └── rule.js\n└── resource-servers\n    └── members\n        └── config.json\n\n```\n\nEach component type has its own folder. Within this folder are folders corresponding to the names of each component of that type.\n\nIn the above example we expect the following components:\n\n- Client\n    - my-client\n- Connection\n    - member-idp\n- Resource Server\n    - members\n- Rules\n    - member-rule\n\n### Common Conventions\n\n1. The **name** of a component is determined by its folder name\n2. The options for the component are specified via a `config.json` in the components folder\n    - The `config.json` should match the JSON body format for the component as described in the [Management API](https://auth0.com/docs/api/management/v2#!/Connections/post_connections)\n    - Each component has sensible defaults for the JSON body, properties included in `config.json` override the defaults\n\n### General CLI Usage\n\n```bash\nauth0-deploy \u003ccomponent-type\u003e [name] [options]\n```\n\n**component-type** : Can be any of the following: `resource`, `connection`, `client`, `rule`\n\n**options**\n\n```\nOptions:\n\n    -h, --help                      output usage information\n    -V, --version                   output the version number\n    -t, --token \u003ctoken\u003e             Auth0 Management API token\n    -c, --client-id \u003cid\u003e            Auth0 Client ID\n    -s, --client-secret \u003csecret\u003e    Auth0 Client Secret\n    -d, --auth0-domain \u003cdomain\u003e     Auth0 Domain\n    -w, --working-dir \u003cworkingdir\u003e  working directory for auth0 components (defaults to current working directory)\n```\n\nSpecifying the name of the component is optional. If the name is not specified, all components under the component type's folder will be\ncreated/updated.\n\n**Authorization**\n\nIn order to allow the API calls to the management API to succeed you must:\n\n- Create a client which has grants for the appropriate scopes (see: [Auth0 Deploy Cli](https://github.com/auth0/auth0-deploy-cli#to-create-client-by-hand))\n    - Specify `--client-id` and `--client-secret` via cli\n    - Specify Auth0 Domain for the account via `--auth0-domain`\n\n**OR**\n\n- Create a token from the Management API page with appropriate scopes\n    - Specify `token` via cli\n    - Specify Auth0 Domain for the account via `--auth0-domain`\n\n### Scopes\n\nThe client/token used with the tool must have the following scopes:\n\n```\n# For Resource Servers\nread:resource_servers\nupdate:resource_servers\ncreate:resource_servers\n\n# For connections\nread:connections\nupdate:connections\ncreate:connections\n\n# For Clients\nread:clients\nupdate:clients\ncreate:clients\n\nread:client_grants\nupdate:client_grants\ncreate:client_grants\ndelete:client_grants\n\nread:rules\nupdate:rules\ncreate:rules\n```\n\n## Connections\n\nIn addition to the common conventions, creation of connection resources allows specification of custom script code.\n\nIn order for your custom scripts to be included as a part of the connection creation, you must create\n`.js` files corresponding to the custom script.\n\nThe following scripts are supported:\n\n- **Login** -\u003e login.js\n- **Create** -\u003e create.js\n- **Verify** -\u003e verify.js\n- **Change** Password -\u003e change_password.js\n- **Delete** -\u003e delete.js\n- **Get User** -\u003e get_user.js\n\nFrom the above example, you can see that only the `login.js` custom script is specified.\nAny of the scripts which are specified will be added to the connection during creation.\n\nExample `config.json`\n\n```json\n{\n  \"options\": {\n    \"bareConfiguration\":{\n      \"hostname\": \"https://myidpurl.com\"\n    }\n  }\n}\n```\n\nThe above `config.json` specifies some configuration properties for the custom scripts to access\n\n### Command\n\nChange directory to components folder (ie. your folder should contain `connections`, `clients`, etc.\n\n```bash\nauth0-deploy connection --token \u003cyour-access-token\u003e --auth0-domain \u003cyourhost.auth0.com\u003e\n```\n\nThe above example uses the token Authorization method\n\n## Resource Servers\n\nTo create a resource server you must specify a `config.json` which describes the body of the resource for the management API.\n\nLets say we have the following directory structure:\n\n```\ncomponents\n├── resource-servers\n│   └── members\n│       └── config.json\n\n```\n\n\nAn example `config.json` would look like:\n\n```json\n{\n  \"identifier\": \"https://members.mydomain.com\",\n  \"scopes\": [\n    {\"value\": \"read:email\"},\n    {\"value\": \"read:friends\"}\n  ],\n  \"signing_alg\": \"RS256\"\n}\n```\n\nThis would create a resource named `members` with scopes: `read:email` and `read:friends`\n\n```bash\nauth0-deploy resource --token \u003cyour-access-token\u003e --auth0-domain \u003cyourhost.auth0.com\u003e\n```\n\n## Client\n\nClients follow the same convention as resources except you can specify **client-grants** via\nthe file `grants.json` and a login hosted page via `login.html`\n\nThis file must consist of an array of grants which conform to the grant body as per the [Management API](https://auth0.com/docs/api/management/v2#!/Client_Grants/post_client_grants) requirements.\nEach grant must omit the `client_id` property as this will be automatically filled based on the given client.\n\nAn example `grants.json` would look like:\n\n```json\n[\n  {\n    \"audience\": \"https://some-host.auth0.com/api/v2/\",\n    \"scope\": [\n      \"read:users\"\n    ]\n  }\n]\n```\n\nAs you can see, the grant specifies the `audience` and `scope`, but not the `client_id`\n\n```bash\nauth0-deploy client --token \u003cyour-access-token\u003e --auth0-domain \u003cyourhost.auth0.com\u003e\n```\n\n## Rule\n\nTo create rules you must specify a `rule.js` file which contains your rule code. In addition to the `rule.js`\nyou can also specify a `config.json` similar to other components.\n\nAn example `config.json` would look like:\n\n```json\n{\n  \"order\": 2,\n  \"stage\": \"login_success\"\n}\n```\n\n\n```bash\nauth0-deploy rule \u003crule-name\u003e --token \u003cyour-access-token\u003e --auth0-domain \u003cyourhost.auth0.com\u003e\n# \u003crule-name\u003e is optional\n```\n\n## Environment specific overrides\n\nYou may want to have differing values for certain configuration options based on the environment you\nare deploying to.\n\nFor example, if we want to create a connection which contacts our own IDP server to authenticate users, you\nmay want to specify different URIs for the IDP server for each environment.\n\nTo do so, you can add placeholders to your `config.json` files in the form: `@@PLACEHOLDER_NAME@@`\n\nGoing back to the connection example, lets look at an example `config.json`\n\n### Environment Specific config\n\n```json\n{\n  \"options\": {\n    \"bareConfiguration\":{\n      \"hostname\": \"@@IDP_URI@@\"\n    }\n  }\n}\n```\n\nHere we have a placeholder for the value of the `hostname` config property.\nThe placeholders name is `IDP_URI`\n\nTo specify values for this placeholder you can:\n\n- Export an environment variable with the name `IDP_URI` before executing the deploy command\n\n**OR**\n\n- Specify an argument `--IDP_URI \u003curi\u003e` with the deploy command\n\nExample:\n\n```bash\nauth0-deploy connection --token \u003cyour-access-token\u003e --auth0-domain \u003cyourhost.auth0.com\u003e --IDP_URI https://myidp.organization.com\n```\n\nThe above command will replace all instances of the placeholder `IDP_URI` with the given url (which may be specific to the environment)\n\n#### For Rules\nIf you want environment specific values for your rule, you can create an `env.json` file inside your rule folder like the following\n\n```\ncomponents\n|\n├── rules\n│   └── member-rule\n│       ├── config.json\n│       ├── rule.js\n|       └── env.json\n\n```\nexample env.json\n```json\n{\n  \"MY_CLAIM_KEY\": \"https://example.com/channel\",\n  \"MY_CLAIM_VALUE\": \"WEBSITE\",\n  \"MY_CLIENT_ID\": \"@@MY_CLIENT_ID@@\" //placeholder value\n}\n```\n\nYou can then reference the env. variables you define in `env.json` inside your rule script via `configuration` object.\n```javascript\n# rule.js\n\nfunction injectMyClaim(user, context, callback) {\n  const mobileClientId = configuration.MOBILE_CLIENT_ID\n  const claimKey = configuration.MY_CLAIM_KEY\n  const claimValue = configuration.MY_CLAIM_VALUE\n  if (context.clientID === mobileClientId) {\n    context.accessToken[claimKey] = claimValue;\n  }\n\n  callback(null, user, context);\n}\n```\n\n\n# Usage (as a node module)\n\n...\n\n# License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fukayani%2Fauth0-deploy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fukayani%2Fauth0-deploy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fukayani%2Fauth0-deploy/lists"}