diff --git a/main/docs.json b/main/docs.json index 0e7d59705a..e8fb7f66bb 100644 --- a/main/docs.json +++ b/main/docs.json @@ -673,7 +673,7 @@ "pages": [ "docs/authenticate/custom-token-exchange", "docs/authenticate/custom-token-exchange/cte-example-use-cases", - "docs/authenticate/custom-token-exchange/configure-custom-token-exchange", + "docs/authenticate/custom-token-exchange/configure-custom-token-exchange", "docs/authenticate/custom-token-exchange/cte-multi-factor-authentication", "docs/authenticate/custom-token-exchange/cte-attack-protection" ] @@ -1325,9 +1325,16 @@ { "group": "Actions", "pages": [ - "docs/customize/actions", "docs/customize/actions/actions-overview", "docs/customize/actions/write-your-first-action", + { + "group": "Actions Modules", + "pages": [ + "docs/customize/actions/modules/actions-modules-overview", + "docs/customize/actions/modules/write-your-first-action-module" + ] + }, + "docs/customize/actions/action-coding-guidelines", { "group": "Explore Triggers", "pages": [ @@ -1413,11 +1420,12 @@ ] }, "docs/customize/actions/use-cases", - "docs/customize/actions/action-coding-guidelines", + "docs/customize/actions/transaction-metadata", "docs/customize/actions/limitations", + "docs/customize/actions/actions-real-time-logs", + "docs/customize/actions/actions-templates", "docs/customize/actions/actions-npm", "docs/customize/actions/actions-unit-test", - "docs/customize/actions/transaction-metadata", "docs/customize/actions/manage-dependencies", "docs/customize/actions/manage-versions", "docs/customize/actions/test-actions", @@ -1431,9 +1439,7 @@ "docs/customize/actions/migrate/migrate-from-hooks-to-actions", "docs/customize/actions/migrate/actions-migration-limitations" ] - }, - "docs/customize/actions/actions-templates", - "docs/customize/actions/actions-real-time-logs" + } ] }, { @@ -3879,7 +3885,7 @@ "docs/fr-ca/customize/login-pages/advanced-customizations/configure", "docs/fr-ca/customize/login-pages/advanced-customizations/quickstart", "docs/fr-ca/customize/login-pages/advanced-customizations/development-workflow", - "docs/fr-ca/customize/login-pages/advanced-customizations/deployment-workflow", + "docs/fr-ca/customize/login-pages/advanced-customizations/deployment-workflow", { "group": "Cas d'utilisation", "pages": [ @@ -4016,7 +4022,6 @@ { "group": "Actions", "pages": [ - "docs/fr-ca/customize/actions", "docs/fr-ca/customize/actions/actions-overview", "docs/fr-ca/customize/actions/write-your-first-action", { @@ -4096,8 +4101,10 @@ }, "docs/fr-ca/customize/actions/use-cases", "docs/fr-ca/customize/actions/action-coding-guidelines", - "docs/fr-ca/customize/actions/limitations", "docs/fr-ca/customize/actions/transaction-metadata", + "docs/fr-ca/customize/actions/limitations", + "docs/fr-ca/customize/actions/actions-real-time-logs", + "docs/fr-ca/customize/actions/actions-templates", "docs/fr-ca/customize/actions/manage-dependencies", "docs/fr-ca/customize/actions/manage-versions", "docs/fr-ca/customize/actions/test-actions", @@ -4110,9 +4117,7 @@ "docs/fr-ca/customize/actions/migrate/migrate-from-hooks-to-actions", "docs/fr-ca/customize/actions/migrate/actions-migration-limitations" ] - }, - "docs/fr-ca/customize/actions/actions-templates", - "docs/fr-ca/customize/actions/actions-real-time-logs" + } ] }, { @@ -6364,7 +6369,6 @@ { "group": "Actions", "pages": [ - "docs/ja-jp/customize/actions", "docs/ja-jp/customize/actions/actions-overview", "docs/ja-jp/customize/actions/write-your-first-action", { @@ -6444,8 +6448,10 @@ }, "docs/ja-jp/customize/actions/use-cases", "docs/ja-jp/customize/actions/action-coding-guidelines", - "docs/ja-jp/customize/actions/limitations", "docs/ja-jp/customize/actions/transaction-metadata", + "docs/ja-jp/customize/actions/limitations", + "docs/ja-jp/customize/actions/actions-real-time-logs", + "docs/ja-jp/customize/actions/actions-templates", "docs/ja-jp/customize/actions/manage-dependencies", "docs/ja-jp/customize/actions/manage-versions", "docs/ja-jp/customize/actions/test-actions", @@ -6458,9 +6464,7 @@ "docs/ja-jp/customize/actions/migrate/migrate-from-hooks-to-actions", "docs/ja-jp/customize/actions/migrate/actions-migration-limitations" ] - }, - "docs/ja-jp/customize/actions/actions-templates", - "docs/ja-jp/customize/actions/actions-real-time-logs" + } ] }, { @@ -20073,7 +20077,11 @@ }, { "source": "/docs/actions", - "destination": "/docs/customize/actions" + "destination": "/docs/customize/actions/actions-overview" + }, + { + "source": "/docs/customize/actions", + "destination": "/docs/customize/actions/actions-overview" }, { "source": "/docs/authenticate/protocols/scim/configure-inbound-scim/inbound-scim-for-okta-workforce-connections", diff --git a/main/docs/customize/actions.mdx b/main/docs/customize/actions.mdx deleted file mode 100644 index 929512ca81..0000000000 --- a/main/docs/customize/actions.mdx +++ /dev/null @@ -1,71 +0,0 @@ ---- -description: Describes Auth0 Actions, which are secure, tenant-specific, self-contained functions that allow you to customize the behavior of Auth0. -title: Auth0 Actions ---- -Actions are secure, tenant-specific, versioned functions written in Node.js that execute at certain points within the Auth0 platform. Actions are used to customize and extend Auth0's capabilities with custom logic. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Read...To learn...                                
Understand How Auth0 Actions WorkHow Auth0 Actions work.
Write Your First ActionHow to write an Action, which includes choosing a trigger, creating an Action and configuring it, and binding it to the flow.
Explore TriggersHow to use Action triggers that represent the pipeline through which information moves through Auth0.
Action Use CasesAbout a variety of examples of implementations using Actions.
Actions Coding GuidelinesHow to write clear, concise, and secure Actions code with our coding guidelines.
Action LimitationsAbout limitations with Actions that you should consider.
Actions Transaction MetadataHow to use Transaction Metadata to pass user or application metadata between login and post-login Actions.
Manage DependenciesHow to install and manage dependencies inside of Actions.
Manage VersionsHow to compare drafted and deployed versions of Actions and revert to previous version if necessary.
Test ActionsHow to test and debug Auth0 Actions.
ReleasesAbout released versions of Actions, including breaking changes and new features.
Migrate to ActionsHow to migrate to Auth0 Actions from Rules and Hooks as well as explore migration tools and limitations.
Templates for ActionsHow to use Actions Templates.
Actions Real-time LogsHow to use the Auth0 Actions Real-time Logs.
diff --git a/main/docs/customize/actions/action-coding-guidelines.mdx b/main/docs/customize/actions/action-coding-guidelines.mdx index d767d30253..56bbc66616 100644 --- a/main/docs/customize/actions/action-coding-guidelines.mdx +++ b/main/docs/customize/actions/action-coding-guidelines.mdx @@ -23,6 +23,19 @@ Follow the guidelines below to write performant, secure, and clear Actions code * Actions should never intentionally throw an error; if processes stop because of an error or condition, use the appropriate `api` method like `api.access.deny()`. * Use `event.request.hostname` for the domain used in Authentication API calls; this could be the default Auth0 tenant domain or a [custom domain](/docs/customize/custom-domains). +## Actions Modules + +* Use Actions Modules when there is a need to reuse functions across different Actions, preventing code redundancy. +* Save object instantiation time when possible, by implementing Singleton pattern to reuse object instances at the Action Module. +* Follow the applicable guidelines shared in this document regarding coding, security, logging, dependencies, and user data. +* When using an Action Module from an Action, always be aware of the module version that is being used. + + + +When publishing a new Action Module version, it doesn't automatically upgraded the version referenced at the Actions, preventing potential breakage when the upgrade is not compatible with the Action. + + + ## Coding basics * Check for strict equals `===` with any incoming or stored data. diff --git a/main/docs/customize/actions/actions-npm.mdx b/main/docs/customize/actions/actions-npm.mdx index 912ca5d6a4..8700c4407b 100644 --- a/main/docs/customize/actions/actions-npm.mdx +++ b/main/docs/customize/actions/actions-npm.mdx @@ -216,7 +216,7 @@ In your `tsconfig.json`, define any development dependencies to have intelliSens -#### Post-Login access control and ID token custom claims +### Post-Login access control and ID token custom claims The following example Action would execute during the Post-Login flow. It checks if the user has roles assigned, and calls `api.access.deny()` if none are found. If roles are present, it proceeds to set the custom claim on the ID token. diff --git a/main/docs/customize/actions/actions-overview.mdx b/main/docs/customize/actions/actions-overview.mdx index f720944902..d0acc61d47 100644 --- a/main/docs/customize/actions/actions-overview.mdx +++ b/main/docs/customize/actions/actions-overview.mdx @@ -1,6 +1,7 @@ --- description: Describes how Auth0 Actions work and what you can accomplish with them. title: Understand How Auth0 Actions Work +sidebarTitle: Overview --- Actions are secure, tenant-specific, [versioned](/docs/customize/actions/manage-versions) functions written in Node.js that execute at certain points within the Auth0 platform. Actions are used to customize and extend Auth0's capabilities with custom logic. @@ -115,22 +116,28 @@ What an Action can do is determined by where it is executed within the Auth0 run * An Action can be edited and tested without affecting the version that is currently serving production traffic. * If an issue is found within an Action, it can be rolled back to a previous version. +### Reuse custom functions + +* Create, manage, and share functions between Actions using [Actions Modules](/docs/customize/actions/modules/actions-modules-overview). + ### Access to npm packages -Nearly all [public `npm` packages](https://www.npmjs.com/) are available to be used within Actions. +* Nearly all [public `npm` packages](https://www.npmjs.com/) are available to be used within Actions. ### Observability -When Actions are executed, Auth0 will capture key metrics about them and link them to [Auth0 Logs](/docs/deploy-monitor/logs). +* When Actions are executed, Auth0 will capture key metrics about them and link them to [Auth0 Logs](/docs/deploy-monitor/logs). +* When debugging, use the [Actions Real-time Logs](/docs/customize/actions/actions-real-time-logs) feature. ### Multiple Actions on every trigger -Every Action trigger supports multiple independent Actions. +* Every Action trigger supports multiple independent Actions. ## Get started * [Write your first Action](/docs/customize/actions/write-your-first-action)! -* See the current [limitations of Actions](/docs/customize/actions/limitations). +* See the current [Action Coding Guidelines](/docs/customize/actions/action-coding-guidelines). +* See the current [Actions Limitations](/docs/customize/actions/limitations). ## Learn more diff --git a/main/docs/customize/actions/limitations.mdx b/main/docs/customize/actions/limitations.mdx index 0547d2376c..078ba788f3 100644 --- a/main/docs/customize/actions/limitations.mdx +++ b/main/docs/customize/actions/limitations.mdx @@ -4,10 +4,18 @@ title: Actions Limitations --- The following limitations exist when using Actions: + +Learn more about Entity Limits, read: [Actions Entity Limits](/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy#actions). + + ## Actions * Each Action should not exceed 100 kB. The larger the size, the more latency is introduced, which may have an impact on the performance of your system. This size limit does not include any `npm` modules that may be referenced as part of any `require` statements. +## Actions Modules + +* Each Action Module can have dependencies to NPM Modules, but not to other Action Modules. + ## Account Linking (setPrimaryUser) * `primary_user_id` is limited to 128 characters @@ -24,16 +32,6 @@ The following limitations exist when using Actions: * The cache should be available for all Actions in the same trigger for a single execution reliably, however for subsequent executions (such as a different flow, another user login, or a user returning from a redirect action) it is not guaranteed. * Actions that perform an Execution that yields back (such as a redirect) may result in subsequent actions being scheduled on a separate instance with a different cache state. Cached data could be inconsistent from one Action to the next even if it is the same execution. -## Dependencies - -* Each Action may have a maximum of 10 `npm` modules. - -## Entity limits - -* Each tenant may have a maximum of 100 Actions (including both deployed and undeployed). When an Action is deleted, it no longer counts toward the limit. -* Each Action may have a maximum of 50 associated versions (both draft and active). Once the limit is reached, every additional version that is added will result in the oldest version being deleted. -* Each trigger may have a maximum of 20 active bound Actions. - ## Executions * Each execution of a trigger must complete in 20 seconds or less or the processing will end in an error. Limiting HTTP requests is the best way to keep within this time limit. @@ -51,7 +49,6 @@ The following limitations exist when using Actions: ## Secrets -* Each Action may have a maximum of 30 secrets. * Each secret key may have a maximum length of 128 characters. * Each secret value may have a maximum length of 4096 characters. diff --git a/main/docs/customize/actions/modules/actions-modules-overview.mdx b/main/docs/customize/actions/modules/actions-modules-overview.mdx new file mode 100644 index 0000000000..d57314b5be --- /dev/null +++ b/main/docs/customize/actions/modules/actions-modules-overview.mdx @@ -0,0 +1,32 @@ +--- +description: Describes how to share functions between Actions. +title: Actions Modules +sidebarTitle: Overview +--- + + Actions Modules is currently available in Early Access. By using this feature, you agree to the applicable Free Trial terms in Okta’s [Master Subscription Agreement](https://www.okta.com/legal/). To learn more about Auth0’s release stages, read [Product Release Stages](/docs/troubleshoot/product-lifecycle/product-release-stages). + + +Actions Modules allow you to create, manage, and share reusable code across different Actions within your Auth0 Tenant. + +Previously, each Action operated independently, making it difficult to share common functions between them without using external dependencies like NPM Modules. With Actions Modules, now it's possible to: + +* Create custom modules with functions hosted by Auth0. +* Use the functions defined at each custom module within one or more Actions. +* Each custom module can define independent secrets and add dependencies to NPM modules. + +To learn more about writing Actions with Actions Modules, read [Write Your First Action Module](/docs/customize/actions/modules/write-your-first-action-module). + + + Actions Modules are not bound to a particular Trigger or Action type, therefore the functions defined them can be reused across Actions bound to different Triggers. + + +To learn more about Actions Modules Limitations, read [Actions Limitations](/docs/customize/actions/limitations). + +## Performance + +By adopting Action Modules according to the [Coding Guidelines](/docs/customize/actions/action-coding-guidelines), you can improve execution performance by sharing and reusing objects that have a costly instantiation process. + + + However, the improvement is not guaranteed, as it depends on the specific use case, the implementation, and the load and frequency of executions. + diff --git a/main/docs/customize/actions/modules/write-your-first-action-module.mdx b/main/docs/customize/actions/modules/write-your-first-action-module.mdx new file mode 100644 index 0000000000..850cad2faf --- /dev/null +++ b/main/docs/customize/actions/modules/write-your-first-action-module.mdx @@ -0,0 +1,313 @@ +--- +mode: wide +description: This guide demonstrates how to use Auth0 Actions Modules +sidebarTitle: Write Your First Action Module +title: Write Your First Action Module +--- + +import {AuthCodeGroup} from "/snippets/AuthCodeGroup.jsx"; + +## Get Started + +This quickstart demonstrates how to write an Action Module and use it from an Action to send logs to an external service. + + + + To use an Action Module from an specific Action, you first need to create the Action Module and then add/use it in an Action. + + + {/* + + 1. Get an Auth0 Management API Access Token. + 2. Make a request to [Create Module](https://auth0.com/docs/api/management/v2/actions/post-action-module): + ```shell lines + curl -L 'https://[TENANT_DOMAIN]/api/v2/actions/modules' \ + -H 'Content-Type: application/json' \ + -H 'Accept: application/json' \ + -H 'Authorization: Bearer [ACCESS_TOKEN]' \ + -d '{"name":"logger","code":"module.exports = {};","api_version":"1","publish":false}' + ``` + + */} + + 1. Navigate to [Auth0 Dashboard > Actions > Library](https://manage.auth0.com/#/actions/library) then select **Modules**. + 2. Select **Create Module**. + 3. Enter a **Name**. + 4. Select **Create**. + + The Code Editor appears + + ![Actions Modules - New Action Module](/docs/images/customize/actions/modules/actions-modules-new-module.png) + + {/* + + + */} + + + + Now, let’s write some code! + + + {/* + + https://auth0.com/docs/api/management/v2/actions/patch-action-module + + */} + + Add the following code to your Action Module: + + ```javascript lines + module.exports = { + sendLog: async (code, message) => { + try { + await fetch(actions.secrets.SERVICE_URL, { + method: 'POST', + headers: { + 'X-API-Key': actions.secrets.API_KEY, + }, + body: JSON.stringify({ + code, + message + }), + }); + + console.log({ + code, + message + }); + } catch (err) { + throw new Error('External service failure'); + } + + return; + } + }; + ``` + + {/* + + + */} + + + + Each Action Module can contain Secret key/values pairs, which are suitable for holding sensitive information, such as API Keys, Certificates, and also values that may change across environments. + + + {/* + + https://auth0.com/docs/api/management/v2/actions/patch-action-module + + + Let’s store the external service URL as a Secret. + + 1. Select the **** icon from the code editor's left sidebar. + 2. Select **Add Secret**. + 3. Enter the **Name** as `SERVICE_URL`. + 4. Enter the external service URL at the **Value** field. + 5. Select **Create**. + + ![Actions Modules - Secret added](/docs/images/customize/actions/modules/actions-modules-secret.png) + + You’ll see that the Secret has been added to the Action Module Secret list. + + */} + {/* + + + */} + + + **Extra Step:** Repeat the steps to store an `API_KEY` as a Secret to be sent in the headers to the external service in each request. + + + Once a Secret has been created, its value will never be revealed. Auth0 encrypts all Secrets and stores them securely. + + + + Each **Action Module Secret** is independent from other **Action Modules** and **Actions** **Secrets**. + + + + Use **Secrets** at the Action Module by typing `actions.secrets.[secret_key]`. + + + + You can save a draft of your Action Module. + + + {/* + + https://auth0.com/docs/api/management/v2/actions/patch-action-module + + */} + + 1. Select **Save Draft**. + + ![Actions Modules - Draft saved](/docs/images/customize/actions/modules/actions-modules-draft.png) + + {/* + + + */} + + + Your Action Module is now saved, but a new version is not yet published, therefore no effects over Actions using it. + + + Once you are satisfied with the Action Module code, it’s time to **Publish** it. + + + {/* + + https://auth0.com/docs/api/management/v2/actions/post-action-module-version + + */} + + 1. Select **Publish**. + + + + Publishing an Action Module takes a snapshot of it at that time and records it as an **Action Module Version**. + + + + 2. Select **View Version History** + + ![Actions Modules - Version History](/docs/images/customize/actions/modules/actions-modules-published-version.png) + + You should be able to see the list of Action Module Versions including the Draft. + + {/* + + + */} + + + You are now able to start using the Action Module in an Action. + + + Each **Action Module Version** needs to be explicitly referenced by the **Action**, preventing automatic upgrades that could introduce unexpected errors. + + + + Let’s add the Action Module in an Action. + + + {/* + + https://auth0.com/docs/api/management/v2/actions/patch-action + https://auth0.com/docs/api/management/v2/actions/post-deploy-action + + */} + + 1. Navigate to [Auth0 Dashboard > Actions > Library](https://manage.auth0.com/#/actions/library) then select an specific **Action**. + 2. Once at the Action Editor, select the **** icon from the left sidebar. + 3. Select **Add Module**. + 4. Select a Module **Name** and **Version**. + 5. Select **Add**. + + ![Actions - Add Action Module](/docs/images/customize/actions/modules/actions-modules-add-module.png) + + {/* + + + */} + + + + Now, let’s use the Action Module in the Action. + + + {/* + + https://auth0.com/docs/api/management/v2/actions/patch-action + https://auth0.com/docs/api/management/v2/actions/post-deploy-action + + */} + + 1. Add the **require** statement. + + ```javascript lines + const logger = require('actions:logger'); + ``` + + + The **require** statement should reference the Action Module with the format **actions:[module-name]**. + + + 2. Add the call to `logger.sendLog` in the **Action function**, where you want logs to be sent. + + ```javascript lines + await logger.sendLog('logger_success', 'Your Action was able to use the Logger Action Module'); + ``` + + 3. Select **Deploy** the Action. + + ![Actions - Use Action Module](/docs/images/customize/actions/modules/actions-modules-use-module.png) + + + + {/* + + + */} + + + + Remember to bind the Action to a Trigger + + + + + + **Checkpoint** + + You should now have a fully functional **Action Module** being used by an **Action**. + + +--- + +## Advanced Usage + + + Each **Action Module** can add/use **NPM Dependencies**. + + + {/* + + + */} + + 1. Select the **** icon from the code editor's left sidebar. + 2. Select **Add Dependency**. + 3. Enter the **Name** of the **NPM package**. + 4. Enter the **Version** of the **NPM package**. + 5. Select **Create**. + + ![Actions Modules - Dependency added](/docs/images/customize/actions/modules/actions-modules-dependency.png) + + You’ll see that the Dependency has been added to the Action Module Dependency list. + + {/* + + + */} + + + + Use the listed **Dependencies** at the Action Module by requiring them through `require('[package-name]')`. + + + + When you save this Action, the latest version of your dependency will be resolved and replaced with a specific version number to keep future updates to the package from breaking your Action. + + You can provide an spcific version to be used instead of latest. + + +{/* + + + +*/} diff --git a/main/docs/customize/actions/write-your-first-action.mdx b/main/docs/customize/actions/write-your-first-action.mdx index 886ab8e64b..b3a79ed3c4 100644 --- a/main/docs/customize/actions/write-your-first-action.mdx +++ b/main/docs/customize/actions/write-your-first-action.mdx @@ -4,27 +4,28 @@ title: Write Your First Action --- This guide will walk you through how to create and deploy your first Action using the Auth0 Dashboard. When you finish, you should understand the basic functionality that you will use with all Actions and you will be familiar with the programming model. What you will learn constitutes the foundation of writing any Action, regardless of its purpose or the flow. -## The goal: notify Slack on user login +## Goal 1: notify Slack on user login You are creating an Action that sends a message to a Slack channel when a user logs in. While this tutorial will use the Post Login trigger, the information provided here is useful for triggers of any type. To accomplish this task, you will do the following: * [Create an Action](#create-an-action) -* [Add a Secret](#add-a-secret) -* [Add a dependency](#add-a-dependency) -* [Save the Draft](#save-the-draft) -* [Add custom logic](#add-custom-logic) +* [Add an Secret](#add-an-action-secret) +* [Add an Dependency](#add-an-action-dependency) +* [Save the Draft](#save-the-action-draft) +* [Add Custom Logic](#add-action-custom-logic) * [Test an Action](#test-an-action) -* [Deploy an Action](#deploy-the-action) -* [Attach an Action to a Flow](#attach-the-action-to-a-flow) +* [Deploy an Action](#deploy-an-action) +* [Attach an Action to a Flow](#attach-an-action-to-a-flow) +* [Debug Actions in Real-time Logs](#debug-actions-in-tenant-logs) * [See the results of an Action in Tenant Logs](#observe-actions-in-tenant-logs) -## Prerequisites +### Prerequisites Because this Action will be sending messages to a Slack channel, you need to [create an Incoming Webhook for a Slack Workspace](https://api.slack.com/messaging/webhooks). Once you have a Slack Webhook URL, you may continue with this guide. -## Create an Action +### Create an Action To get an Action working in a specific flow, you need to create the Action and then add it to a flow. @@ -35,7 +36,7 @@ The Actions Code Editor appears: ![Actions Code Editor](/docs/images/cdy7uua7fh8z/12Q8OEuDI39eWuWsrVVwN0/ff7dd385d33aee704e1cb603f43c679b/2025-02-28_13-27-14.png) -## Create an Action from a Template +### Create an Action from a Template The Actions Template gallery offers a variety of starter templates on their way to creating an Action. To create an Action from a Template: @@ -45,7 +46,7 @@ The Actions Template gallery offers a variety of starter templates on their way 4. You should now see a read-only preview of the code within the template. To proceed, select **Use this template**. 5. Enter a name, and select **Create**. -## Add a Secret +### Add a Secret Each Action can contain Secret values, which are suitable for holding sensitive information, such as Access Tokens and API Keys. Let’s store the Slack Webhook URL as a Secret. @@ -64,7 +65,7 @@ Once a Secret has been created, its value will never be revealed. Auth0 encrypts -## Add a dependency +### Add a dependency You’ll be using the [`@slack/webhook` `npm` package](https://www.npmjs.com/package/@slack/webhook) to make it easy to send a message to Slack. You can use nearly any public `npm` package in an Action as long as it can be installed without relying on [native add-ons](https://www.npmjs.com/package/node-gyp). @@ -84,11 +85,11 @@ When you save this Action, the latest version of your dependency will be resolve -## Save the Draft +### Save the Draft Select **Save Draft**. Your Action is saved, but it won’t be executed as part of any user flows yet. With Actions, you have the opportunity to create, edit, and test Actions before they affect any traffic in your Auth0 tenant. Once you’re happy with the behavior of the Action, you’ll deploy the Action and add it to a Flow later. -## Add custom logic +### Add custom logic Now that the Action has been configured with a Secret and a dependency, let’s write some code! @@ -115,7 +116,7 @@ exports.onExecutePostLogin = async (event, api) => { Select **Save Draft** to save your Action. -## Test the Action +### Test the Action Before you run this Action in your tenant with real user traffic, test it to ensure it behaves as expected. @@ -148,6 +149,14 @@ The final step in configuring a new Action so that it’s executed as part of yo The Action is now running for real user traffic within your tenant. If you’d like a more robust testing environment, consider [setting up multiple Auth0 environments](/docs/get-started/auth0-overview/create-tenants/set-up-multiple-environments). +### Debug Actions in Actions Real-time Logs + +Now that your Action is running as part of the Login flow, Auth0 captures information about each Action execution in the tenant logs. To view this, navigate to [Auth0 Dashboard > Monitoring > Logs](https://manage.auth0.com/#/logs), and select a **Successful Login** event. + +You should see an **Action Details** view that contains information about any Actions that were executed as part of that flow. + +![Tenant Logs: Action Details view](/docs/images/cdy7uua7fh8z/61k82wmsXSb9M3wOExM4jH/51fae3a36a8ecddeec08bc45da468e2b/Action_logs_-_English.png) + ## Observe Actions in Tenant Logs Now that your Action is running as part of the Login flow, Auth0 captures information about each Action execution in the tenant logs. To view this, navigate to [Auth0 Dashboard > Monitoring > Logs](https://manage.auth0.com/#/logs), and select a **Successful Login** event. @@ -156,6 +165,103 @@ You should see an **Action Details** view that contains information about any Ac ![Tenant Logs: Action Details view](/docs/images/cdy7uua7fh8z/61k82wmsXSb9M3wOExM4jH/51fae3a36a8ecddeec08bc45da468e2b/Action_logs_-_English.png) +## Goal 2: send custom logs to an external service + +Starting from the based on [Goal 1](#goal-1:-notify-slack-on-user-login), now you are creating an Action Module that sends a logs to an external service from multiple Actions. + +To accomplish this task, you will do the following: + +* [Create an Action Module](#create-an-action-module) +* [Add Action Module Custom Logic](#add-action-module-custom-logic) +* [Add an Action Module Secret](#add-an-action-module-secret) +* [Add an Action Module Dependency](#add-an-action-module-dependency) +* [Save the Action Module Draft](#save-the-action-module-draft) +* [Publish the Action Module](#deploy-the-action-module) +* [Attach an Action Module to an Action](#attach-the-action-module-to-an-Action) +* [Debug and Observe Action Modules](#debug-and-observe-action-modules) + +### Prerequisites + +Because this Action Module will be sending messages to an external service, you need to follow the service specifications to send a compatible an HTTP request. + + + +For this example we will be using a mocked service. + + + +### Create an Action Module + +To use an Action Module from an specific Action, you first need to create the Action Module and then add/use it in an Action. + +1. Navigate to [Auth0 Dashboard > Actions > Library](https://manage.auth0.com/#/actions/library) then select **Modules**. +2. Select **Create Module**. +2. Enter a **Name** and select **Create**. + +The Actions Modules Code Editor appears: + +![Actions Modules Code Editor](/docs/images/customize/actions/modules/actions-modules-editor.png) + +### Add Action Module Custom Logic + +Now that the Action has been configured with a Secret and a dependency, let’s write some code! + +Every Action has an event object that contains read-only, contextual information relevant to the associated trigger. If you start typing `event.` in the Editor, you should be presented with all the available properties of the event. To learn more about which information is available on each trigger, read [Explore Flows and Triggers](/docs/customize/actions/explore-triggers). + +Let’s use our Action to notify Slack. Add this code to your action: + +```javascript lines +const { IncomingWebhook } = require('@slack/webhook'); + +exports.onExecutePostLogin = async (event, api) => { + const url = event.secrets.SLACK_WEBHOOK_URL; + const webhook = new IncomingWebhook(url); + + // Send the notification + await webhook.send({ text: "Logging In..." }); +}; +``` + +Select **Save Draft** to save your Action. + +### Add a Secret + +Each Action can contain Secret values, which are suitable for holding sensitive information, such as Access Tokens and API Keys. Let’s store the Slack Webhook URL as a Secret. + +1. Select the Key Icon from the code editor's left sidebar +2. Select **Add Secret**. +3. Give the Secret the following name: `SLACK_WEBHOOK_URL`. +4. Paste in the Webhook URL provided by Slack and select **Create**. + +You’ll see that the Secret has been added to the Action and you can use the new secret via intelligent code complete by typing `event.secrets`. + +![Actions Code Editor - Your Secret has been added in the Secrets section.](/docs/images/cdy7uua7fh8z/4FyFtKRSIYuigxE9U8TkEJ/9598b5909694631ca673f748abf2268a/Screen_Shot_2022-02-09_at_3.24.05_PM.png) + + + +Once a Secret has been created, its value will never be revealed. Auth0 encrypts all Secrets and stores them securely. + + + +### Add an Action Module Dependency + +This particular example doesn't require a dependency for the Action Module, but when needed you can add dependencies to the Action Module by: + +1. Select the Dependency icon (cube icon) in the sidebar. +2. For **Name**, enter `[NPM package name]`. +3. For **Version**, by default, your Action Module will use the latest version of the dependency at the time the dependency was added. +3. Select **Create**, and the Dependency should be added to the Action: + +![Actions Code Editor: Your dependency has been added.](/docs/images/customize/actions/modules/actions-modules-dependency.png) + + + +When you save this Action, the latest version of your dependency will be resolved and replaced with a specific version number to keep future updates to the package from breaking your Action. + +You can provide an spcific version to be used instead of latest. + + + ## Next steps -Now that you’ve written your first Action, check out [Explore Flows and Triggers](/docs/customize/actions/explore-triggers) to learn how to perform some common tasks with Actions. +Now that you’ve written your first Action, check out [Explore Triggers](/docs/customize/actions/explore-triggers) to learn how to perform some common tasks with Actions. diff --git a/main/docs/fr-ca/customize/actions.mdx b/main/docs/fr-ca/customize/actions.mdx deleted file mode 100644 index 56346f2958..0000000000 --- a/main/docs/fr-ca/customize/actions.mdx +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "Auth0 Actions" -'description': "Décrit les Auth0 Actions, qui sont des fonctions sécurisées, spécifiques au locataire et autonomes qui vous permettent de personnaliser le comportement d’Auth0." ---- - -Les actions sont des fonctions sécurisées, spécifiques au locataire, avec version, écrites en Node.js qui s’exécutent à certains points de la plateforme Auth0. Les actions sont utilisées pour personnaliser et étendre les capacités d’Auth0 avec une logique personnalisée. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Lisez...Pour en savoir plus...                                
Comprendre le fonctionnement des Auth0 ActionsComment fonctionnent les Auth0 Actions.
Programmer votre première ActionComment programmer une Action, ce qui comprend le choix d’un déclencheur, la création d’une Action et sa configuration, et la liaison au flux.
Explorer les déclencheursÀ propos des déclencheurs d’Action qui représentent le pipeline par lequel les informations circulent chez Auth0.
Cas d’utilisation d’ActionÀ propos de divers exemples d’implémentations utilisant des Actions.
Limitations des ActionsÀ propos des limitations avec les Actions que vous devriez envisager.
Gérer les dépendancesComment installer et gérer les dépendances à l’intérieur des Actions.
Gérer les versionsComment comparer les versions rédigées et déployées des Actions et revenir à la version précédente si nécessaire.
Migrer des Règles aux ActionsComment convertir vos règles existantes en Actions post-connexion.
Migrer des Crochets aux ActionsComment convertir vos Crochets existants en Actions.
Migrer d’Actions Bêta à FinalComment migrer les actions que vous avez créées pendant la période Actions Bêta.
\ No newline at end of file diff --git a/main/docs/images/customize/actions/modules/actions-modules-add-module.png b/main/docs/images/customize/actions/modules/actions-modules-add-module.png new file mode 100644 index 0000000000..325c82ed1f Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-add-module.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-dependency.png b/main/docs/images/customize/actions/modules/actions-modules-dependency.png new file mode 100644 index 0000000000..297af76119 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-dependency.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-draft.png b/main/docs/images/customize/actions/modules/actions-modules-draft.png new file mode 100644 index 0000000000..95e3107f33 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-draft.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-new-module.png b/main/docs/images/customize/actions/modules/actions-modules-new-module.png new file mode 100644 index 0000000000..5a766d9bf4 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-new-module.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-published-version.png b/main/docs/images/customize/actions/modules/actions-modules-published-version.png new file mode 100644 index 0000000000..4915d376c0 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-published-version.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-secret.png b/main/docs/images/customize/actions/modules/actions-modules-secret.png new file mode 100644 index 0000000000..cd7cecce96 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-secret.png differ diff --git a/main/docs/images/customize/actions/modules/actions-modules-use-module.png b/main/docs/images/customize/actions/modules/actions-modules-use-module.png new file mode 100644 index 0000000000..5defca7206 Binary files /dev/null and b/main/docs/images/customize/actions/modules/actions-modules-use-module.png differ diff --git a/main/docs/ja-jp/customize/actions.mdx b/main/docs/ja-jp/customize/actions.mdx deleted file mode 100644 index 0f28ff225c..0000000000 --- a/main/docs/ja-jp/customize/actions.mdx +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "Auth0 Actions" -'description': "Auth0 Actionsがセキュリティが保護されたテナント固有の自己完結型の機能で、Auth0の動作をカスタマイズできることについて説明します。" ---- - -アクションは安全でテナント固有のバージョン管理された関数で、Node.jsで記述され、Auth0プラットフォームにある特定の拠点で実行されます。アクションは、カスタムロジックでAuth0の機能をカスタマイズおよび拡張するために使用されます。 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
トピック説明                                
Auth0 Actionsの仕組みを理解するAuth0 Actionsの仕組みについて説明します。
アクションを初めて作成するトリガーの選択、アクションの作成と構成、フローへのバインディングなど、アクションの書き方について説明します。
トリガーを検討するAuth0で情報が移動するパイプラインであるアクショントリガーについて説明します。
アクションのユースケースアクションを使った実装例を取り揃えてご紹介します。
アクションの制限考慮するべきアクションの制限について説明します。
依存関係を管理するアクション内部の依存関係をインストールして管理する方法について説明します。
バージョンを管理するアクションのドラフトとデプロイ済みのバージョンを比較する方法や、必要であれば以前のバージョンに戻す方法について説明します。
RulesからActionsに移行する既存のルールをpost-login(ログイン後)アクションに変換する方法について説明します。
HooksからActionsに移行する既存のフックをアクションに変換する方法について説明します。
Actionsをベータ版から最終版に移行するベータ期間中のActionsで作成したアクションを移行する方法について説明します。
\ No newline at end of file diff --git a/main/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy.mdx b/main/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy.mdx index e14c44054e..de959ce2fa 100644 --- a/main/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy.mdx +++ b/main/docs/troubleshoot/customer-support/operational-policies/entity-limit-policy.mdx @@ -2,7 +2,7 @@ description: Describes Auth0's tenant entity limit policy for subscribers. title: Entity Limit Policy --- -Entities in Auth0 are tenant configuration elements such as applications, connections, rules, and API resource servers. +Entities in Auth0 are tenant configuration elements such as Applications, Connections, Organizations, API resource servers, Permissions, Roles, Actions. @@ -10,75 +10,117 @@ Entity limits are hard limits on entities that are enforced for the health of ou -## Global subscription plan limits + + +Any use of the term "unlimited" means that there are no hard limits, but the threshold is subject to system limitations set by Okta. Please reach out to support if you have any questions on these limits. + + + +## Global Subscription Plan Limits This section lists limits that apply to all subscription plans. -The Organizations feature is subject to the following limits: +### Organizations -| Entity | Maximum | -| ---------------------------------------- | -------------------------------------------------- | -| Organizations per tenant | 100,000 | -| Members per organization | 100,000 | -| Connections per organization | 10 | -| Role assignments per organization member | 50 | -| M2M client grants per organization | 100 (Public Cloud)

1000 (Private Cloud) | -| Custom Token Exchange Profiles | 100 | +| Entity | Limit | +| -------------------------------------------------- | -------- | +| Organizations per Tenant | 100,000 | +| Members per Organization | 100,000 | +| Connections per Organization | 10 | +| Role Assignments per Organization Member | 50 | +| M2M Client Grants per Organization (Public Cloud) | 100 | +| M2M Client Grants per Organization (Private Cloud) | 1000 | +| Custom Token Exchange Profiles | 100 | Customers on Enterprise plans can request increased entity limits for Organizations per tenant and Organization members per Organization by [contacting support](https://support.auth0.com/). These limits can be increased to 2,000,000 Organizations per tenant and 2,000,000 Organization members per Organization on public cloud. On private cloud instances, these entities are unlimited. -The Authorization Core Role-Based Access Control (RBAC) feature set is subject to the following limits: - -| Feature | Limit | -| -------------------- | ----- | -| Roles per tenant | 1000 | -| Scopes per API | 1000 | -| Roles per user | 50 | -| Permissions per user | 1000 | -| Permissions per role | 1000 | - -Note that limitations on permissions per user affect those assigned directly. -Technically, a user could have more permissions than noted if the permissions -were assigned to different roles and then the roles were assigned to the user. -Refresh tokens -are also subject to limitation. Refresh tokens have a limit of 200 valid tokens -per user per application. If the limit is reached and a new refresh token is +### Authorization Core Role-Based Access Control (RBAC) + +| Entity | Limit | +| --------------------------------------- | ----- | +| Roles per Tenant | 1000 | +| Scopes per API (Resource Servers) | 1000 | +| Roles per User | 50 | +| Permissions per User | 1000 | +| Permissions per Role | 1000 | + + + +Note that limitations on Permissions per user affect those assigned directly. + +Technically, a user could have more Permissions than noted if the Permissions +were assigned to different Roles and then the Roles were assigned to the User. + + + +| Entity | Limit | +| ---------------------------------------- | ------ | +| Refresh Token per User per Application | 200 | + + + +If the Refresh tokens limit is reached and a new Refresh Token is created, the system revokes or deletes the oldest token for that user in the -application. Revoked tokens and expired tokens do not count against the limit. +Application. -| Token type | Per user / application | -| ---------- | ---------------------- | -| Refresh | 200 | +Revoked tokens and expired tokens do not count against the limit. -The Forms feature is subject to the following limits: + + +### Actions + +| Entity | Limit | +| -------------------------------------------- | ----- | +| Actions per Tenant | 100 | +| Actions per Trigger per Tenant | 20 | +| Actions Modules per Tenant | 100 | +| Actions Modules per Action | 3 | +| Versions per Action | 50 | +| Versions per Action Module | 50 | +| Secrets per Action | 30 | +| Secrets per Action Module | 30 | +| Dependencies (NPM Modules) per Action | 10 | +| Dependencies (NPM Modules) per Action Module | 10 | + + + +Actions and Actions Modules limits include both deployed and undeployed entities. When deleted, they no longer count toward the specific limit. + +Actions Versions limits include both draft and active. Once the limit is reached, every additional version that is added will result in the oldest version being deleted. + + -| Feature | Limit | +### Forms + +| Entity | Limit | | ---------------- | ----- | -| Forms per tenant | 500 | -| Flows per tenant | 500 | +| Forms per Tenant | 500 | +| Flows per Tenant | 500 | + +## Subscription Plan -## Enterprise subscription limits +### Enterprise -| Entity | Maximum | +| Entity | Limit | | ----------------------- | ------- | -| API Resource Servers | 100,000 | +| API (Resource Servers) | 100,000 | | Applications | 100,000 | | Client Grants | 100,000 | | Application Credentials | 2,000 | -## Self-service paid subscription limits +### Self-service -| Entity | Maximum | -| -------------------- | ------- | -| Applications | 100 | -| Client Grants | 10,000 | -| Connections | 100 | -| Rules | 10 | -| API Resource Servers | 100 | +| Entity | Limit | +| ---------------------- | ------- | +| Applications | 100 | +| Client Grants | 10,000 | +| Connections | 100 | +| Rules | 10 | +| API (Resource Servers) | 100 | -## Free subscription limits +### Free @@ -86,17 +128,11 @@ Free tenants only support a maximum of two social connections. -| Entity | Maximum | -| --------------------------- | ------- | -| Applications | 10 | -| Client Grants | 100 | -| Connections | 100 | -| Rules | 3 | -| API Resource Servers | 10 | -| Admins (including on Teams) | 3 | - - - -Any use of the term "unlimited" means that there are no hard limits, but the threshold is subject to system limitations set by Okta. Please reach out to support if you have any questions on these limits. - - +| Entity | Limit | +| ----------------------------- | ------- | +| Applications | 10 | +| Client Grants | 100 | +| Connections | 100 | +| Rules | 3 | +| API (Resource Servers) | 10 | +| Admins (including on Teams) | 3 |