steampipe plugin install auth0

Table: auth0_tenant_settings - Query Auth0 Tenant Settings using SQL

Auth0 is a flexible, drop-in solution to add authentication and authorization services to your applications. Your software can use Auth0 to authenticate and authorize users with a wide variety of identity providers, including social, enterprise, and username/password databases. Tenant settings in Auth0 provide configuration details and settings for each tenant, including enabled features, default settings, and customization options.

Table Usage Guide

The auth0_tenant_settings table provides insights into tenant settings within Auth0. As a security analyst or an application developer, explore tenant-specific details through this table, including enabled features, default settings, and other customization options. Utilize it to uncover information about each tenant's configuration, such as settings related to user registration, login, and identity providers.

Examples

SSO settings

Analyze the settings to understand if Single Sign-On (SSO) is enabled and if changes to these settings are permitted, helping to ensure secure access management.

select
flags ->> 'enable_sso' as enable_sso,
flags ->> 'allow_changing_enable_sso' as allow_changing_enable_sso
from
auth0_tenant_settings;
select
json_extract(flags, '$.enable_sso') as enable_sso,
json_extract(flags, '$.allow_changing_enable_sso') as allow_changing_enable_sso
from
auth0_tenant_settings;

Enabled locales

Explore which locales have been enabled in your Auth0 tenant settings. This can help in understanding the geographical distribution of your user base.

select
l as enabled_locales
from
auth0_tenant_settings t,
jsonb_array_elements(t.enabled_locales) l;
select
l.value as enabled_locales
from
auth0_tenant_settings t,
json_each(t.enabled_locales) l;

Session and idle session lifetime settings

Analyze the settings to understand the duration of active and idle sessions within your Auth0 tenant. This can help optimize user experience by managing session lengths and idle times.

select
session_lifetime,
idle_session_lifetime
from
auth0_tenant_settings;
select
session_lifetime,
idle_session_lifetime
from
auth0_tenant_settings;

Schema for auth0_tenant_settings

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
allowed_logout_urlsjsonbA set of URLs that are valid to redirect to after logout from Auth0.
change_passwordjsonbChange password page settings.
default_audiencetextDefault audience for API Authorization.
default_directorytextName of the connection that will be used for password grants at the token endpoint.
default_redirection_uritextThe default absolute redirection uri, must be https and cannot contain a fragment.
device_flowjsonbSettings for device flow.
domain_nametext=, !=, ~~, ~~*, !~~, !~~*The name of the domain.
enabled_localesjsonbSupported locales for the UI.
error_pagejsonbSettings for the error page.
flagsjsonbTenant flags.
friendly_nametextThe friendly name of the tenant.
guardian_mfa_pagejsonbGuardian MFA page settings.
idle_session_lifetimedouble precisionForce a user to login after they have been inactive for the specified number (hours).
picture_urltextThe URL of the tenant logo.
sandbox_versiontextThe selected sandbox version to be used for the extensibility environment.
sandbox_versions_availablejsonbA set of available sandbox versions for the extensibility environment.
session_cookiejsonbSession cookie settings.
session_lifetimedouble precisionLogin session lifetime, how long the session will stay valid (hours).
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
support_emailtextUser support email.
support_urltextUser support URL.
universal_loginjsonbUsed to store additional metadata.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- auth0

You can pass the configuration to the command with the --config argument:

steampipe_export_auth0 --config '<your_config>' auth0_tenant_settings